Hi Alan, Thanks for your answer. There 4000 users! And the priority is the authentication with token. SQL database should be use only if a user loses his token. The solution would be to have 2 freeradius, one for token authentication and the other one for SQL database ? Regards, Jérôme Le 07/05/2014 13:14, Alan DeKok a écrit :
Jérôme MATER wrote:
I have made both configurations and it works separately. However, the goal is :
1) I want to authenticate users with Windows Radius server and authentication with token 2) If authentication 1 failed, then user tries to connect on the SQL database automatically. That's not really how RADIUS works. If the user is rejected, you can't turn that into an accept.
I've tried with post-auth section, post-proxy section...
Is it possible ? How can I do that. You can't.
Instead, determine which users should use SQL, and which users should authenticate via the Windows RADIUS server. Then, make them do that.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html