Project

General

Profile

Issue #2229

Using different radius servers for different connections

Added by Bjarke Istrup Pedersen almost 5 years ago. Updated almost 5 years ago.

Status:
Closed
Priority:
Normal
Category:
configuration
Affected version:
5.5.1
Resolution:
No change required

Description

Is it possible to have two different connections, both using the eap-radius module, but with two different servers?

So people connecting to the CON1 connection is authenticated using the RAD1 server, and people using CON2 is authenticated using the RAD2 server.

The reason I'm asking is, that I'm trying to implement eap-radius support in OPNsense, and I'm wondering how to best have support for selection the radius servers.
Like, if you cannot define which servers to use for each connection, it does not make sense to be able to define the servers on the connection (since you then can create two connections with different servers, but not getting the expected result, since they would be sharing the radius servers).


Related issues

Has duplicate Issue #2422: separate radius requests between two radius serversClosed

History

#1 Updated by Tobias Brunner almost 5 years ago

  • Status changed from New to Feedback

Is it possible to have two different connections, both using the eap-radius module, but with two different servers?

No that's currently not directly possible. You'd have to use a RADIUS proxy to forward Access-Requests to different servers e.g. based on the Username/EAP-Identity, NAS-Port-Id (contains the connection name) or NAS-IP-Address/Called-Station-Id (if you use different server IPs/ports for different connections).

#2 Updated by Bjarke Istrup Pedersen almost 5 years ago

Okay, so it will have to be the collected pool of selected servers, which makes it easier for me :)

#3 Updated by Tobias Brunner almost 5 years ago

  • Category set to configuration
  • Status changed from Feedback to Closed
  • Assignee set to Tobias Brunner
  • Resolution set to No change required

Okay, so it will have to be the collected pool of selected servers

Correct, see EapRadius for details.

#4 Updated by Tobias Brunner over 4 years ago

  • Has duplicate Issue #2422: separate radius requests between two radius servers added

Also available in: Atom PDF