password failover

Vijay Avarachen vavarachen at gmail.com
Wed Feb 6 02:58:01 CET 2008


>From Cisco IOS Doc
<http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca7a7.html#wp1000967>
"A FAIL response is significantly different from an ERROR. A FAIL means that
the user has not met the criteria contained in the applicable authentication
database to be successfully authenticated. Authentication ends with a FAIL
response. An ERROR means that the security server has not responded to an
authentication query. Because of this, no authentication has been attempted.
Only when an ERROR is detected will AAA select the next authentication
method defined in the authentication method list."

Vijay Avarachen

On Feb 5, 2008 4:57 PM, <jonr at destar.net> wrote:

> Hello,
>
> How do I set up a freeradius server so that if the password fails for
> the primary radius server it tries the secondary for the password. In
> my scenario, the primary is up and servicing requests, but the
> password for the device is incorrect. Now the device looks to the
> secondary to get authorized and the secondary holds the correct secret
> for the device.
>
> I have looked at fail-over and load-balancing but am not sure if
> either of these are what I am looking for. Can someone tell me what I
> am looking for and I can do the rest.
>
> Thanks for any help,
>
> Jon
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>



-- 
"Knowledge is the only wealth that grows as you spend it, and diminishes as
you save it."
-- ancient Sanskrit saying
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080205/81ba4df6/attachment.html>


More information about the Freeradius-Users mailing list