Proxy failure
Alan DeKok
aland at nitros9.org
Wed Apr 26 21:27:39 CEST 2006
Axel Seguin <axel.seguin at icfo.es> wrote:
> My Radius sends the request 5 times to the other Radius server and
> then gives up marking the server dead (but it is not).
Then why isn't it responding? Are there firewall rules that filter
out the response or request?
> Why is there a "Module-Failure-Message = "rlm_ldap: User not found""?
> Of course the user won't be found in the local ldap database since
> this realm is supposed to be proxied.
Then why did you configure the server to look the user up in LDAP?
It doesn't come configured to do that by default, so you must have
added that to your local config.
> The radius server is obviously looking in the local ldap database
> with the unstriped username before proxying this request. Is there
> not a way, in case the realm of the username has to be proxied not to
> look for it locally in the ldap database fisrt?
Yes. See doc/configurable_failover && doc/Autz-Type
> If anyone has an idea why i don't get any answer, i would be gratefull.
Use 'tcpdump' to see where the packets are going. See if you can
run 'radclient" on the same machine as the RADIUS server, and get a
response from the other server.
Alan DeKok.
More information about the Freeradius-Users
mailing list