(RADIATOR) Splitting Auth and Accounting

Hugh Irvine hugh at open.com.au
Fri Sep 14 03:15:46 CDT 2001 

Hello Paul -

There are two ways of doing this, either with Handlers or by running two 
instances of Radiator (one for authentication the other for accounting).

Using Handlers you would do this:

<Handler Request-Type = Accounting-Request, Realm = realm.net>
	.....
</Handler>

<Handler Realm = realm.net>
	.....
</Handler>

Using two instances, you would do this on the authentication server:

AuthPort 1812
AcctPort

and this on the accounting server:

AuthPort
AcctPort 1813

You would of course use the port numbers that are appropriate for your 
installation.

hth

Hugh


On Thursday 13 September 2001 14:24, Paul Thorton wrote:
> Hi,
>
> I have been reading the Mailing list archives in an attempt to find out
> how
> to split the Authentication and Accounting up, in order to authenticate
> from
> a flat file, but send the accounting packet to another radius server
> (Proxy it)
>
> I have seen one example of this, but it was not very clear. Can you
> please help.
>
> I was thinking, something like this might work?
>
> <Handler Realm=realm.net>
>       AcctLogFileName         /var/log/radacct/detail
>       PreAuthHook             file:"/usr/local/etc/preauthhook.pl"
> 	AuthByPolicy DoAllAuths
> 	<AuthBy FILE>
> 		Filename %D/auth_file
> 	</AuthBy>
>       <AuthBy RADIUS>
>       	Host              1.1.1.1
>             Secret            blahblah
> 		# AuthPort		1812 # Commented out as only
> want to send account
>             AcctPort          1813
>             ReplyHook         file:"/usr/local/etc/replyhook.pl"
>       </AuthBy>
> </Handler>
>
> I am guessing if the <AuthBy File> fails, it will reject the user
> completely and
> not send the accounting packet? If this is the right way to do it? I
> basically
> do not want the radius server to know about it unless it authenticates
> of the
> flat file correctly.
>
> Cheers,
>
> Paul Thornton.
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.

-- 
Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list