3.120.9. DefaultRealm Previous topic Parent topic Child topic Next topic

This optional parameter can be used to specify a default realm to use for received RadSec requests that have a user name that does not include a realm. If the incoming user name does not have a realm (i.e. there is no @something following the user name) and if DefaultRealm is specified, the User-Name in the resulting RADIUS request will have @defaultrealm appended to it. The realm can then be used to trigger a specific <Realm> or <Handler> clause. This is useful if you operate a number of RadSec clients for different customer groups and where some or all of your customers log in without specifying a realm.
# Realmless logins to this NAS will be treated
# as if they are for realm open.com.au
<ServerRADSEC>
      Secret ....
      .....
      DefaultRealm open.com.au
</Client>
<Realm open.com.au>
      .....
</Realm>