Proxy FreeRADIUS Monitoring from LB F5
CALMELS, Thierry (SOGETI REGIONS SAS)
thierry.calmels.external at airbus.com
Sun Dec 9 20:17:49 CET 2018
Hello freeradius support team,
We have an infrastucture using freeRadius 3 (freeradius-3.0.13-8) on RHEL7.5.
The infrastructure implements in front a layer “PROXY RADIUS” (not based on proxy.conf usage – thus we are using a custom proxy logic).
The infrastructure works as expected.
The architecture is as follow:
Client NAS --> LB BigIP F5 --> Proxy FreeRADIUS --> LB BigIP F5 --> BackEnd FreeRADIUS
However we want to improve monitoring made by F5 in front of the layer proxy Radius.
For that, we have configured a Radius profile on the F5, based on username/password declared in the /etc/raddb/users files.
healthcheckVIP Auth-Type:=Accept, User-Password=="my_password "
Unfortunately, this configuration works only if the healthcheckVIP account is declared on the BackEnd FreeRADIUS!
The account declared on Proxy is not taken in account.
I didn’t find any solution/setting to block the radius request at layer proxy when the account is found and credentials confirmed.
Thank a lot for your support
Thierry
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[cid:image003.png at 01D304A6.07AEE120]
Thierry CALMELS
On behalf of SOGETI France
Subcontractor for ZIOI
AIRBUS OPERATIONS S.A.S.
France – Toulouse – Sogeti – Airbus Zone
Phone: +33 (0)5 67 19 65 55
Mailto: thierry.calmels.external at airbus.com<mailto:thierry.calmels.external at airbus.com>
Join us on the IAM community<https://communities.intra.corp/sites/CAM/Default.aspx>!
P Before printing, think about the environment --o-o-Ộ-o-o--
The information in this e-mail is confidential. The contents may not be disclosed or used by anyone other than the addressee. Access to this e-mail by anyone else is unauthorised.
If you are not the intended recipient, please notify Airbus immediately and delete this e-mail.
Airbus cannot accept any responsibility for the accuracy or completeness of this e-mail as it has been sent over public networks. If you have any concerns over the content of this message or its Accuracy or Integrity, please contact Airbus immediately.
All outgoing e-mails from Airbus are checked using regularly updated virus scanning software but you should take whatever measures you deem to be appropriate to ensure that this message and any attachments are virus free.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 13966 bytes
Desc: image001.png
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20181209/1fcc4396/attachment.png>
More information about the Freeradius-Users
mailing list