Iffy idea engineering using freeradius :-)
This is a discussion on Iffy idea engineering using freeradius :-) within the FreeRADIUS Users forums, part of the Networking and Network Related category; This is a multi-part message in MIME format. ------_=_NextPart_001_01C51446.F5E05274 Content-Type: text/plain; charset="us-ascii&...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
02-16-2005
|
|||
|
|||
Iffy idea engineering using freeradius :-)
This is a multi-part message in MIME format.
------_=_NextPart_001_01C51446.F5E05274 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable I need to blindly forward all requests that my radius server gets to another radius server without adding a realm to the requests. Let me explain what I am doing, in the mid 90s an ISP opened up and started signing people up and didn't use a database or any sort of record keeping to keep track of their usernames and passwords, they're using 2 old BSD3.0 merit radius servers, the time has come to upgrade these servers because honestly they're dying. =20 So what im going to do is catch the request from their NAS boxes, log successful logins [the usernames and passwords to a MySQL database] and then once I have roughly 95-97% of the population im going to use that list to create them a new radius server. The problem I am having is when the NAS boxes send the request to the FreeRadius server, the freeradius server appears to be adding the realm of "NULL" to the requests that it is sending to the merit radius server, and the merit radius server is rejecting the requests.=20 =20 rlm_realm: No '@' in User-Name =3D "aweaver", looking up realm NULL rlm_realm: Found realm "NULL" rlm_realm: Adding Stripped-User-Name =3D "aweaver" rlm_realm: Proxying request from user aweaver to realm NULL rlm_realm: Adding Realm =3D "NULL" rlm_realm: Preparing to proxy authentication request to realm "NULL" =20 So basically what I need to do is have Freeradius basically proxy requests and act like a "NAS" just pass the requests through to their radius box. =20 If anyone has any clue what im talking about let me know :D =20 Thanks, -Drew =20 ------_=_NextPart_001_01C51446.F5E05274 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable <html xmlns:o=3D"urn:schemas-microsoft-com:office:office" = xmlns:w=3D"urn:schemas-microsoft-com:office:word" = xmlns=3D"http://www.w3.org/TR/REC-html40"> <head> <meta http-equiv=3DContent-Type content=3D"text/html; = charset=3Dus-ascii"> <meta name=3DGenerator content=3D"Microsoft Word 11 (filtered medium)"> <style> <!-- /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0in; margin-bottom:.0001pt; font-size:12.0pt; font-family:"Times New Roman";} a:link, span.MsoHyperlink {color:blue; text-decoration:underline;} a:visited, span.MsoHyperlinkFollowed {color:purple; text-decoration:underline;} span.EmailStyle17 {mso-style-type:personal-compose; font-family:Arial; color:windowtext;} @page Section1 {size:8.5in 11.0in; margin:1.0in 1.25in 1.0in 1.25in;} div.Section1 {page:Section1;} --> </style> </head> <body lang=3DEN-US link=3Dblue vlink=3Dpurple> <div class=3DSection1> <p class=3DMsoNormal><font size=3D2 face=3DArial><span = style=3D'font-size:10.0pt; font-family:Arial'> = I need to blindly forward all requests that my radius server gets to = another radius server without adding a realm to the requests. Let me explain = what I am doing, in the mid 90s an ISP opened up and started signing people up and = didn’t use a database or any sort of record keeping to keep track of their = usernames and passwords, they’re using 2 old BSD3.0 merit radius servers, = the time has come to upgrade these servers because honestly they’re = dying.<o:p></o:p></span></font></p> <p class=3DMsoNormal><font size=3D2 face=3DArial><span = style=3D'font-size:10.0pt; font-family:Arial'><o:p> </o:p></span></font></p> <p class=3DMsoNormal><font size=3D2 face=3DArial><span = style=3D'font-size:10.0pt; font-family:Arial'> = So what im going to do is catch the request from their NAS boxes, log = successful logins [the usernames and passwords to a MySQL database] and then once I = have roughly 95-97% of the population im going to use that list to create = them a new radius server. The problem I am having is when the NAS boxes send the = request to the FreeRadius server, the freeradius server appears to be adding the = realm of “NULL” to the requests that it is sending to the merit = radius server, and the merit radius server is rejecting the requests. = <o:p></o:p></span></font></p> <p class=3DMsoNormal><font size=3D2 face=3DArial><span = style=3D'font-size:10.0pt; font-family:Arial'><o:p> </o:p></span></font></p> <p class=3DMsoNormal><font size=3D2 face=3DArial><span = style=3D'font-size:10.0pt; font-family:Arial'> rlm_realm: No '@' in User-Name =3D "aweaver", looking up realm NULL<o:p></o:p></span></font></p> <p class=3DMsoNormal><font size=3D2 face=3DArial><span = style=3D'font-size:10.0pt; font-family:Arial'> rlm_realm: Found realm = "NULL"<o:p></o:p></span></font></p> <p class=3DMsoNormal><font size=3D2 face=3DArial><span = style=3D'font-size:10.0pt; font-family:Arial'> rlm_realm: Adding = Stripped-User-Name =3D "aweaver"<o:p></o:p></span></font></p> <p class=3DMsoNormal><font size=3D2 face=3DArial><span = style=3D'font-size:10.0pt; font-family:Arial'> rlm_realm: Proxying request from = user aweaver to realm NULL<o:p></o:p></span></font></p> <p class=3DMsoNormal><font size=3D2 face=3DArial><span = style=3D'font-size:10.0pt; font-family:Arial'> rlm_realm: Adding Realm =3D = "NULL"<o:p></o:p></span></font></p> <p class=3DMsoNormal><font size=3D2 face=3DArial><span = style=3D'font-size:10.0pt; font-family:Arial'> rlm_realm: Preparing to proxy authentication request to realm = "NULL"<o:p></o:p></span></font></p> <p class=3DMsoNormal><font size=3D2 face=3DArial><span = style=3D'font-size:10.0pt; font-family:Arial'><o:p> </o:p></span></font></p> <p class=3DMsoNormal><font size=3D2 face=3DArial><span = style=3D'font-size:10.0pt; font-family:Arial'> = So basically what I need to do is have Freeradius basically proxy requests = and act like a “NAS” just pass the requests through to their radius = box.<o:p></o:p></span></font></p> <p class=3DMsoNormal><font size=3D2 face=3DArial><span = style=3D'font-size:10.0pt; font-family:Arial'><o:p> </o:p></span></font></p> <p class=3DMsoNormal><font size=3D2 face=3DArial><span = style=3D'font-size:10.0pt; font-family:Arial'>If anyone has any clue what im talking about let me = know :D<o:p></o:p></span></font></p> <p class=3DMsoNormal><font size=3D2 face=3DArial><span = style=3D'font-size:10.0pt; font-family:Arial'><o:p> </o:p></span></font></p> <p class=3DMsoNormal><font size=3D2 face=3DArial><span = style=3D'font-size:10.0pt; font-family:Arial'>Thanks,<o:p></o:p></span></font></p> <p class=3DMsoNormal><font size=3D2 face=3DArial><span = style=3D'font-size:10.0pt; font-family:Arial'>-Drew<o:p></o:p></span></font></p> <p class=3DMsoNormal><font size=3D2 face=3DArial><span = style=3D'font-size:10.0pt; font-family:Arial'><o:p> </o:p></span></font></p> </div> </body> </html> ------_=_NextPart_001_01C51446.F5E05274-- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html 
|
 |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT +1. The time now is 01:16 AM.
