Hi Alan,

Thanks for your answer.

There 4000 users! And the priority is the authentication with token.
SQL database should be use only if  a user loses his token.

The solution would be to have 2 freeradius, one for token authentication and the other one for SQL database ?

Regards,
Jérôme


Le 07/05/2014 13:14, Alan DeKok a écrit :
Jérôme MATER wrote:
I have made both configurations and it works separately. However, the
goal is :

1) I want to authenticate users with Windows Radius server and
authentication with token
2) If authentication 1 failed, then user tries to connect on the SQL
database automatically.
  That's not really how RADIUS works.  If the user is rejected, you
can't turn that into an accept.

I've tried with post-auth section, post-proxy section...

Is it possible ? How can I do that.
  You can't.

  Instead, determine which users should use SQL, and which users should
authenticate via the Windows RADIUS server.  Then, make them do that.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html