Greetings,
What we have here is a setup where radiator does different things based on
the user's realm...
IE: do a AuthBy FILE for some of them, and others it will do a AuthBy RADIUS
to other servers...
However, in one of the AuthBy RADIUS' I don't want to forward accounting
requests, but instead of ignoring them, I want to acknowledge then from
radiator.
I know about NoForwardAccounting, but this tells radiator to ignore the
request, and so radiator doesn't send the NAS the Accounting-Response, so the
NAS resends it, thinking it has failed.
The realm in question has the config structure of:
<Realm ...>
<AuthBy GROUP>
AuthByPolicy ContinueUntilReject
# Has the user being suspeneded by the billing software?
<AuthBy FILE>
AcceptIfMissing
Filename %D/users.notallowed
</AuthBy>
# If here, then user hasn't been suspended, but are they valid?
<AuthBy RADIUS>
Host otherserver
</AuthBy>
</AuthBy>
</Realm>
Is there a simple way of having the AuthBy RADIUS still forward the
access-request as per normal, but if an accounting-request comes in, not have
it forwarded to the other radius server, but acknowledged either by the Realm
or something else?
Something like this for the 2nd AuthBy (replacing the AuthBy RADIUS)...
<AuthBy GROUP>
AuthByPolicy ContinueWhileIgnore
# Check in radius to see if valid for logins, but don't forward acct
<AuthBy RADIUS>
NoForwardAccounting
Host otherserver
</AuthBy>
# Ok, here, we just use a file...
<AuthBy FILE>
Filename %D/users.allowed
</AuthBy>
</AuthBy>
then %D/users.allowed has basically:
DEFAULT
Service-Type = Framed-User,
....
Or is my logic not right in the case of access requests won't get handled as
expected?
Thanks for any help.
ivan.
--
Ivan Brawley
Internode Professional Access.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
