[afnog] Tricky freeradius proxying with legacy clients

Shepherd Magumo shepherd at snowball.co.za
Mon Mar 15 12:42:39 UTC 2010


Good day,

I recently introduced a new radius server(Radius2) that I want to work
with the old radius server(Radius1).

1. Radius1 is in production with some legacy clients that are still
connecting without a realm in the form client.surname and clients with
a realm in the form client.surname at realm.net. This server caters for
subscription clients with monthly reset on.

2. Radius2 is being introduced to accommodate new client mostly on
vouchers and prepaid packages. I do not want to complicate usernames
on this server so no realms will be used by default.

3. As part of my intended architecture, I have configured Radius2 as a
proxy for realm @realm.net as explained in point 1 above. On a test
radiusclient, I configured Radius2 as my radius and it is proxying
correctly to Radius1 and connecting.

Now my issue is how do I cater for the legacy client without a realm
as explained in point1, i.e client.surname?
Is there a radius option where if user does not exist on Radius2, then
I can try request on Radius1?

Please help.

regards,

Shepherd



More information about the afnog mailing list