[RADIATOR] Multiple AuthBy Radius hosts
eliran shlomo
eliranshlomo at gmail.com
Sun Aug 26 05:10:35 CDT 2012
# First accounting forwarding target; Handlers refer to it as
# "AuthBy ProxyAccounting". Host and Secret were redacted by the poster.
<AuthBy RADIUS>
Identifier ProxyAccounting
Host *********
# Access requests are not forwarded by this clause; it is used for accounting.
NoForwardAuthentication
AcctPort 1813
# NOTE(review): with Retries 1 and RetryTimeout 3 a single unanswered request
# appears to be enough to mark the host failed, after which
# FailureBackoffTime 180 keeps traffic away from it for 180 seconds.
# Confirm against the Radiator reference before relying on this.
FailureBackoffTime 180
Retries 1
RetryTimeout 3
# RADIUS shared secret (redacted here). Keep the real value out of public
# posts and use a distinct, long random secret for each peer.
Secret *******
</AuthBy>
# Second accounting forwarding target; Handlers refer to it as
# "AuthBy ProxyAccounting71". Host and Secret were redacted by the poster.
<AuthBy RADIUS>
Identifier ProxyAccounting71
Host ***********
# Access requests are not forwarded by this clause; it is used for accounting.
NoForwardAuthentication
AcctPort 1813
# NOTE(review): if this peer does not answer an accounting request, Retries 1
# and RetryTimeout 3 presumably mark it failed after a few seconds and
# FailureBackoffTime 180 then suppresses forwarding to it for 180 seconds.
# That would match the symptom reported in this thread (first packet reaches
# both servers, later ones only the first) -- verify that the peer sends
# Accounting-Response and check the Radiator log for a backoff message.
FailureBackoffTime 180
Retries 1
RetryTimeout 3
# RADIUS shared secret (redacted here). Keep the real value out of public
# posts and use a distinct, long random secret for each peer.
Secret ***********
</AuthBy>
# Accounting requests carrying X-IPASS=IPASS: forwarded to both proxy
# targets and written to the per-day CSV detail file.
<Handler Request-Type=Accounting-Request, X-IPASS=IPASS>
include %{GlobalVar:CONFIGROOT}/include/RewriteUsername.inc
# The hook file is Perl loaded into the server process; it should be writable
# only by the account that administers Radiator.
PreAuthHook file:"%{GlobalVar:CONFIGROOT}/include/proxyhook.pl"
# ContinueAlways: run every AuthBy listed below regardless of the result of
# the previous one, so both targets are tried for each request.
AuthByPolicy ContinueAlways
AuthBy ProxyAccounting
AuthBy ProxyAccounting71
AccountingHandled
SessionDatabase SDB1
# %c presumably selects a per-client directory -- confirm.
AcctLogFileName %{GlobalVar:DETAILDIR}/%c/detail-%Y%m%d.csv
# NOTE(review): attribute values come from the request and appear to be
# written unquoted; a User-Name or Calling-Station-Id containing a comma
# would shift columns. Consumers of this CSV should treat every field as
# untrusted input.
AcctLogFileFormat \
%{User-Name},%{Acct-Session-Id},%{Framed-IP-Address},\
%{Calling-Station-Id},%{Called-Station-Id},%{NAS-IP-Address},\
%{NAS-Port-Type},%{NAS-Port},%{Acct-Status-Type},\
%{Tunnel-Server-Endpoint},%{Tunnel-Client-Endpoint},\
%{Tunnel-Server-Auth-ID},%{Tunnel-Client-Auth-ID},\
%{RB-Context-Name},%{Acct-Input-Octets},%{Acct-Output-Octets},\
%{Acct-Input-Gigawords},%{Acct-Output-Gigawords},\
%{RB-QoS-Metering-Profile-Name},%{Acct-Terminate-Cause},\
%{Acct-Session-Time},%{Event-Timestamp},\
%{Acct-Authentic},%{Acct-Delay-Time},\
%{Acct-Input-Packets},%{Acct-Output-Packets},\
%{Framed-Protocol},%{Service-Type}
</Handler>
# Accounting requests whose Class is "Ignore": no AuthBy is listed, so
# nothing is forwarded or logged by this handler.
<Handler Request-Type = Accounting-Request, Class = "Ignore">
AccountingHandled
# SDB_NULL is defined outside this excerpt; presumably a session database
# that stores nothing -- confirm.
SessionDatabase SDB_NULL
</Handler>
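# Start/Stop accounting from clients matching the (redacted) Client-Identifier
# pattern: forwarded to both proxy targets, recorded in SDB1 and logged to CSV.
# The mail client had wrapped the <Handler ...> line and the
# PostProcessingHook path across two lines; they are rejoined here because a
# quoted file path cannot contain a line break.
<Handler Request-Type=Accounting-Request, Client-Identifier = /^*****/, Acct-Status-Type = /^(Start|Stop)/>
include %{GlobalVar:CONFIGROOT}/include/RewriteUsername*****.inc
# Hook files are Perl loaded into the server process; they should be writable
# only by the account that administers Radiator.
PostProcessingHook file:"%{GlobalVar:CONFIGROOT}/include/write-start-file.pl"
PreAuthHook file:"%{GlobalVar:CONFIGROOT}/include/proxyhook.pl"
# ContinueAlways: run every AuthBy listed below regardless of the result of
# the previous one, so both targets are tried for each request.
AuthByPolicy ContinueAlways
AuthBy ProxyAccounting
AuthBy ProxyAccounting71
SessionDatabase SDB1
AccountingHandled
AcctLogFileName %{GlobalVar:DETAILDIR}/%c/detail-%Y%m%d.csv
# NOTE(review): attribute values come from the request and appear to be
# written unquoted; consumers of this CSV should treat every field as
# untrusted input.
AcctLogFileFormat \
%{User-Name},%{Acct-Session-Id},%{Framed-IP-Address},\
%{Calling-Station-Id},%{Called-Station-Id},%{NAS-IP-Address},\
%{NAS-Port-Type},%{NAS-Port},%{Acct-Status-Type},\
%{Tunnel-Server-Endpoint},%{Tunnel-Client-Endpoint},\
%{Tunnel-Server-Auth-ID},%{Tunnel-Client-Auth-ID},\
%{RB-Context-Name},%{Acct-Input-Octets},%{Acct-Output-Octets},\
%{Acct-Input-Gigawords},%{Acct-Output-Gigawords},\
%{RB-QoS-Metering-Profile-Name},%{Acct-Terminate-Cause},\
%{Acct-Session-Time},%{Event-Timestamp},\
%{Acct-Authentic},%{Acct-Delay-Time},\
%{Acct-Input-Packets},%{Acct-Output-Packets},\
%{Framed-Protocol},%{Service-Type}
</Handler>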
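# Alive (interim) accounting from clients matching the (redacted)
# Client-Identifier pattern: forwarded to both proxy targets and logged to
# CSV. The mail client had wrapped the <Handler ...> line across two lines;
# it is rejoined here.
<Handler Request-Type=Accounting-Request, Client-Identifier = /^*****/, Acct-Status-Type = /^(Alive)/>
include %{GlobalVar:CONFIGROOT}/include/RewriteUsername*****.inc
# The hook file is Perl loaded into the server process; it should be writable
# only by the account that administers Radiator.
PreAuthHook file:"%{GlobalVar:CONFIGROOT}/include/proxyhook.pl"
# ContinueAlways: run every AuthBy listed below regardless of the result of
# the previous one, so both targets are tried for each request.
AuthByPolicy ContinueAlways
AuthBy ProxyAccounting
AuthBy ProxyAccounting71
# NOTE(review): the Start/Stop handlers use SDB1; "NULL" is defined outside
# this excerpt, presumably so interim updates do not touch the session
# database -- confirm.
SessionDatabase NULL
AccountingHandled
AcctLogFileName %{GlobalVar:DETAILDIR}/%c/detail-%Y%m%d.csv
# NOTE(review): attribute values come from the request and appear to be
# written unquoted; consumers of this CSV should treat every field as
# untrusted input.
AcctLogFileFormat \
%{User-Name},%{Acct-Session-Id},%{Framed-IP-Address},\
%{Calling-Station-Id},%{Called-Station-Id},%{NAS-IP-Address},\
%{NAS-Port-Type},%{NAS-Port},%{Acct-Status-Type},\
%{Tunnel-Server-Endpoint},%{Tunnel-Client-Endpoint},\
%{Tunnel-Server-Auth-ID},%{Tunnel-Client-Auth-ID},\
%{RB-Context-Name},%{Acct-Input-Octets},%{Acct-Output-Octets},\
%{Acct-Input-Gigawords},%{Acct-Output-Gigawords},\
%{RB-QoS-Metering-Profile-Name},%{Acct-Terminate-Cause},\
%{Acct-Session-Time},%{Event-Timestamp},\
%{Acct-Authentic},%{Acct-Delay-Time},\
%{Acct-Input-Packets},%{Acct-Output-Packets},\
%{Framed-Protocol},%{Service-Type}
</Handler>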
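# Catch-all for Start/Stop accounting not matched by an earlier handler:
# forwarded to both proxy targets, recorded in SDB1 and logged to CSV.
# The mail client had wrapped the <Handler ...> line and the
# PostProcessingHook path across two lines; they are rejoined here because a
# quoted file path cannot contain a line break.
<Handler Request-Type=Accounting-Request, Acct-Status-Type = /^(Start|Stop)/>
include %{GlobalVar:CONFIGROOT}/include/RewriteUsername.inc
# Hook files are Perl loaded into the server process; they should be writable
# only by the account that administers Radiator.
PostProcessingHook file:"%{GlobalVar:CONFIGROOT}/include/write-start-file.pl"
PreAuthHook file:"%{GlobalVar:CONFIGROOT}/include/proxyhook.pl"
# ContinueAlways: run every AuthBy listed below regardless of the result of
# the previous one, so both targets are tried for each request.
AuthByPolicy ContinueAlways
AuthBy ProxyAccounting
AuthBy ProxyAccounting71
SessionDatabase SDB1
AccountingHandled
AcctLogFileName %{GlobalVar:DETAILDIR}/%c/detail-%Y%m%d.csv
# NOTE(review): attribute values come from the request and appear to be
# written unquoted; consumers of this CSV should treat every field as
# untrusted input.
AcctLogFileFormat \
%{User-Name},%{Acct-Session-Id},%{Framed-IP-Address},\
%{Calling-Station-Id},%{Called-Station-Id},%{NAS-IP-Address},\
%{NAS-Port-Type},%{NAS-Port},%{Acct-Status-Type},\
%{Tunnel-Server-Endpoint},%{Tunnel-Client-Endpoint},\
%{Tunnel-Server-Auth-ID},%{Tunnel-Client-Auth-ID},\
%{RB-Context-Name},%{Acct-Input-Octets},%{Acct-Output-Octets},\
%{Acct-Input-Gigawords},%{Acct-Output-Gigawords},\
%{RB-QoS-Metering-Profile-Name},%{Acct-Terminate-Cause},\
%{Acct-Session-Time},%{Event-Timestamp},\
%{Acct-Authentic},%{Acct-Delay-Time},\
%{Acct-Input-Packets},%{Acct-Output-Packets},\
%{Framed-Protocol},%{Service-Type}
</Handler>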
# Catch-all for Alive (interim) accounting not matched by an earlier handler:
# forwarded to both proxy targets and logged to CSV.
<Handler Request-Type=Accounting-Request, Acct-Status-Type = /^Alive/>
include %{GlobalVar:CONFIGROOT}/include/RewriteUsername.inc
# The hook file is Perl loaded into the server process; it should be writable
# only by the account that administers Radiator.
PreAuthHook file:"%{GlobalVar:CONFIGROOT}/include/proxyhook.pl"
# ContinueAlways: run every AuthBy listed below regardless of the result of
# the previous one, so both targets are tried for each request.
AuthByPolicy ContinueAlways
AuthBy ProxyAccounting
AuthBy ProxyAccounting71
# NOTE(review): the Start/Stop handlers use SDB1; "NULL" is defined outside
# this excerpt, presumably so interim updates do not touch the session
# database -- confirm.
SessionDatabase NULL
AccountingHandled
AcctLogFileName %{GlobalVar:DETAILDIR}/%c/detail-%Y%m%d.csv
# NOTE(review): attribute values come from the request and appear to be
# written unquoted; consumers of this CSV should treat every field as
# untrusted input.
AcctLogFileFormat \
%{User-Name},%{Acct-Session-Id},%{Framed-IP-Address},\
%{Calling-Station-Id},%{Called-Station-Id},%{NAS-IP-Address},\
%{NAS-Port-Type},%{NAS-Port},%{Acct-Status-Type},\
%{Tunnel-Server-Endpoint},%{Tunnel-Client-Endpoint},\
%{Tunnel-Server-Auth-ID},%{Tunnel-Client-Auth-ID},\
%{RB-Context-Name},%{Acct-Input-Octets},%{Acct-Output-Octets},\
%{Acct-Input-Gigawords},%{Acct-Output-Gigawords},\
%{RB-QoS-Metering-Profile-Name},%{Acct-Terminate-Cause},\
%{Acct-Session-Time},%{Event-Timestamp},\
%{Acct-Authentic},%{Acct-Delay-Time},\
%{Acct-Input-Packets},%{Acct-Output-Packets},\
%{Framed-Protocol},%{Service-Type}
</Handler>
2012/8/26 Heikki Vatiainen <hvn at open.com.au>
> On 08/26/2012 09:59 AM, eliran shlomo wrote:
>
> > Hi, i tried it and it send the first packet to both of the AuthBy server
> > and then it sends it to the authby1 only.
>
> Can you reply with your current configuration. You need one AuthBy
> clause for each server you want to forward the request to. Within
> AuthBy, the hosts are for failure recovery only and you can not force
> forwarding to multiple hosts within one AuthBy.
>
> Thanks,
> Heikki
>
>
> > I need that the packet will send to the both server with no condition
> > that the first one is down or not responding...
> >
> > B.w
> > thanks for the help, really appreciate the time you spend to help :)
> >
> > 2012/8/23 Heikki Vatiainen <hvn at open.com.au <mailto:hvn at open.com.au>>
> >
> > On 08/23/2012 04:54 PM, eliran shlomo wrote:
> >
> > > Is there another way to do it?
> > > because we got 6 different Handlers,and i wish to save lines
> > inside the
> > > configuration file...
> >
> > Yes, here is an alternative:
> >
> > <AuthBy RADIUS>
> > Identifier authby1
> > Secret mysecret2
> > Host 127.0.0.1
> > AuthPort 1812
> > AcctPort 1813
> > </AuthBy>
> > <AuthBy RADIUS>
> > Identifier authby2
> > Secret mysecret2
> > Host 127.0.0.2
> > AuthPort 1812
> > AcctPort 1813
> > </AuthBy>
> >
> > <Handler something>
> > AuthBy authby1
> > AuthBy authby2
> > </Handler>
> >
> > <Handler somethingelse>
> > AuthBy authby1
> > AuthBy authby2
> > </Handler>
> >
> > Thanks,
> > Heikki
> >
> >
> > --
> > Heikki Vatiainen <hvn at open.com.au <mailto:hvn at open.com.au>>
> >
> > Radiator: the most portable, flexible and configurable RADIUS server
> > anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> > Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP,
> TLS,
> > TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
> > DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
> > NetWare etc.
> > _______________________________________________
> > radiator mailing list
> > radiator at open.com.au <mailto:radiator at open.com.au>
> > http://www.open.com.au/mailman/listinfo/radiator
> >
>
>
> --
> Heikki Vatiainen <hvn at open.com.au>
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
> DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
> NetWare etc.
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
>