[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-users
Subject:    Re: proxy authentication
From:       Alan DeKok <aland () deployingradius ! com>
Date:       2006-12-28 16:42:38
Message-ID: 4593F3FE.9050904 () deployingradius ! com
[Download RAW message or body]

Dubi Lego wrote:
> Our solution is to provide lawful information, according to a Court
> request on user's activity on the net. In order to do that we need to
> intercept their AAA activity and the actual data activity.

  That's a requirement, not a solution.  The solution to that problem
is, as I said, logging the packets via the "detail" module.

> The problem we are having is to collect the AAA activity for
> Authentication.

  This does NOT mean you need to proxy the packets.  In fact, it likely
means you do NOT proxy the packets, because proxying adds nothing over
logging via the "detail" module.

> We have found the way to forward the accounting data from the RADIUS to
> our RADIUS proxy and so we are notified on Session Start and Session
> End, but we need also to be notified on any attempt of a user to
> authenticate through the RADIUS.
> 
> Are you familiar with any solution to do that?

  What's wrong with using the "detail" file, as I suggested in my
previous message?

  Alan DeKok.
--
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]