(RADIATOR) AuthBy Policy behavior is not taking place when AuthBy Radius is used.

Hugh Irvine hugh at open.com.au
Thu Aug 8 16:45:55 CDT 2002 

Salut Julien -

You are correct, you cannot use a normal AuthByPolicy with AuthBy RADIUS 
clauses. This is because the AuthBy RADIUS clause operates 
asynchronously and it always returns IGNORE immediately after it has 
forwarded the request to the proxy target (subject to the following 
parameters).

You can control the behaviour of the AuthBy RADIUS clause by using the 
following parameters:

	NoForwardAuthentication
	IgnoreAuthentication
	NoForwardAccounting
	IgnoreAccounting
	IgnoreAccountingResponse

In your case you would use IgnoreAuthentication and 
IgnoreAccountingResponse.

Have a look at section 6.29 in the Radiator reference manual 
("doc/ref.html").

regards

Hugh


On Friday, August 9, 2002, at 02:51 AM, <jchavanton at oneworldtelecom.ca> 
wrote:

> Hi,
>
> I have found that AuthBy Policy behavior is not taking place when 
> AuthBy Radius is used.
>
>
> In this exemple my radius server will send 3 reply to the NAS for every 
> Accounting-Request he receive, 1 for each <AuthBy Radius> and one for 
> <AuthBy INTERNAL>
> even if I use   "AuthByPolicy anything else" .
>
> <Realm TST>
> 	<AuthBy GROUP>
> 			AuthByPolicy	anything else
> 			<AuthBy RADIUS>
> 				NoForwardAuthentication
> 				Host 111.111.111.111
> 				Secret 1111
> 				AcctPort 1646
> 				Retries 1
> 				RetryTimeout 2
> 			</AuthBy>
> 			<AuthBy RADIUS>
> 				NoForwardAuthentication
> 				Host 222.222.222.222
> 				Secret 2222
> 				AcctPort 1646
> 				Retries 1
> 				RetryTimeout 2
> 			</AuthBy>
> 			<AuthBy INTERNAL>
> 			Identifier FullReply
> 			AuthResult			ACCEPT
> 			AcctStartResult			ACCEPT
> 			AcctStopResult			ACCEPT
> 			</AuthBy>		
> 	</AuthBy>
> </Realm>
>
>
> ***************** AuthBy Radius In your documentation ******************
> If and when the remote radius server replies to us, we will forward the 
> reply back to the client that originally sent the request to us.
>
> ***************** AuthBy Policy In your documentation ******************
> anything else  Always do every authentication method. Returns the 
> result of the last one.
>
> My question, is there a way to control the behavior of the reply in 
> AuthBy Radius ?
>
>
> Julien Chavanton
>
>
>
>
>
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list