RADIUS Monitoring tool
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Wed Feb 25 19:44:05 CET 2015
> On 25 Feb 2015, at 12:29, A.L.M.Buxey at lboro.ac.uk wrote:
>
> hi,
>
> we use NAGIOS and have some local eapol_test scripts
> formonitor/alerts and use'monit' to check status of the radius
> process and restart it when dead
You don't need a monitoring solution. Most NAS will fail over
quite happily once the server stops responding.
Check the return code of the failing module and use the
do_not_respond policy.
sql {
fail = 1
}
if (fail) {
do_not_respond
}
Do that for all modules critical to authentication.
It's very rare that responding with an Access-Reject on module
failure is an appropriate action. Unfortunately changing the
behaviour in the default config would be very disruptive.
-Arran
Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS development team
FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 872 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20150225/729ac2ed/attachment-0001.sig>
More information about the Freeradius-Users
mailing list