Proxies "status-server" pings are broken when virtual server "status" is enabled

A.L.M.Buxey at A.L.M.Buxey at
Mon Jan 28 10:07:52 CET 2013


> This comes from the fact that in the status virtual-server, the
> "Autz-Type status-server" stanza is defined. But in the current virtual
> server receiving the "ping" (eduroam) it's not defined,so it triggers an
> reject message.

well, enable it then.

> Well in the end it doesn't change much as the remote server will still
> mark the server alive after receiving 3 access-reject in response to his
> status-server.


> But is this behaviour wanted ?

depends. on you.  there is no point in having an access-accept (using username/password)
as thats a credential that could be leaked or stolen etc.... its actually just as good (and standard)
to have a reject response....the remote server/local server still know that each other are alive!

ideally, both servers handle status-server packets and a basic 'status ping' will work just as well.


More information about the Freeradius-Devel mailing list