I just upgraded one of our CentOS 5 systems from FreeRadius 1.x to FreeRadius 2.1.6. It was all working before the upgrade and I have it working on the new version. That is, by using the deprecated authhost and accthost variables in the realm definition I can successfully authenticate and process accounting with the new version. However, as soon as I attempt to define a set of main and backup servers, then use the auth_pool and acct_pool variables I get the following error: "Ignoring spoofed proxy reply. Signature is invalid" Here is a status query that results in the error, like any other query: Sending Access-Request of id 136 to x.x.x.x port 1812 User-Name := "" User-Password := "" Service-Type := Authenticate-Only Message-Authenticator := 0x00000000000000000000000000000000 NAS-Identifier := "Status Check. Are you alive?" Waking up in 3.9 seconds. rad_recv: Access-Reject packet from host x.x.x.x port 1812, id=136, length=64 Ignoring spoofed proxy reply. Signature is invalid Of course, the main reason I upgraded at all was to be able to define a pool of servers. I've searched Google and cannot find any references to this issue. Here is the proxy.conf lines that matter: home_server my_rlm_auth { ipaddr = x.x.x.x port = 1812 type = "auth" secret = "bignewsecret" response_window = 30 max_outstanding = 65536 zombie_period = 40 status_check = "none" ping_check = "none" # ping_interval = 30 # check_interval = 30 # num_answers_to_alive = 3 # num_pings_to_alive = 3 revive_interval = 300 status_check_timeout = 4 } home_server my_rlm_acct { ipaddr = x.x.x.x port = 1813 type = "acct" secret = "bignewsecret" response_window = 30 max_outstanding = 65536 zombie_period = 40 status_check = "none" ping_check = "none" # ping_interval = 30 # check_interval = 30 # num_answers_to_alive = 3 # num_pings_to_alive = 3 revive_interval = 300 status_check_timeout = 4 } server_pool my_rlm_auth_pool { type = fail-over home_server = my_rlm_auth # home_server = Primary_my_rlm_auth # home_server = Secondary_my_rlm_auth } server_pool my_rlm_acct_pool { type = fail-over home_server = my_rl_acct # home_server = Primary_my_rlm_acct # home_server = Secondary_my_rlm_acct } realm my_rlm { nostrip auth_pool = my_rlm_auth_pool acct_pool = my_rlm_acct_pool # authhost = x.x.x.x:1812 # accthost = x.x.x.x:1813 # secret = "bignewsecret" type = radius } Any ideas or pointers? Regards, Emmett