distributed authentification scheme advice needed
Zeus V Panchenko
zeus at ibs.dn.ua
Wed Sep 28 12:11:51 CEST 2011
thanks for quick reply
Arran Cudbard-Bell (a.cudbardb at freeradius.org) [11.09.28 08:28] wrote:
>
> Yes, home server pools let you specify a 'fallback' home server
> which can point to a virtual server. It should be working in v2.1.x
> but is currently broken in 3.x.
>
> See proxy.conf for details.
>
if i have core.radius.my.domain as my primary radius server and
fallback.radius.my.domain as radius installed on AP
than i need in proxy.conf
home_server_pool my_auth_failover {
type = fail-over
home_server = core.radius.my.domain
fallback = fallback.radius.my.domain
}
but than, I need configure EAP/TLS on fallback.radius.my.domain
identical to core.radius.my.domain one, correct?
since without the same server certificates my clients will not be able
authenticate with fallback.radius.my.domain
am I correct?
--
Zeus V. Panchenko
JID:zeus at gnu.org.ua GMT+2 (EET)
More information about the Freeradius-Users
mailing list