Arran Cudbard-Bell wrote:
Yep works for me too, reaches end of list of possible servers and starts rejecting all users assigned to that realm. :)
Thanks.
Also little one with access-reject when home server fails to respond. Not sent through access reject filter, though that's probably because it never passes through post-auth.
That will be fixed on another commit.
It turns out the easiest way to fix that was to remove the multiple places that called "Post-Auth-Type Reject", and move it to one central location. Simpler, less code, does exactly the same thing as before, and adds the call to "Post-Auth-Type Reject" when the home servers fail to respond. We should probably have a "Post-Proxy-Type = Fail", that gets called when a home server fails to respond to a request. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog