Freeradius as a secondary
Arran Cudbard-Bell
A.Cudbard-Bell at sussex.ac.uk
Sun Jun 10 20:17:25 CEST 2007
Jeff wrote:
> I am using the version installed through software update on opensuse
> Its 1. something but not sure exactly
> radrelay is installed
> tested but i its creating the work file,etc no errors but nothing
> showing up at primary when doing a test
Have you added the secondary server as an authorised client on the
primary ?
>
> as to proxy to realm in proxy section
>
> You are saying I could setup to proxy the accounting back to the
> primary radius and not use radrelay?
> The below to realms
>
> heres what i have now on the secondary
> realm globalco.net {
> type = radius
> authhost = LOCAL
> accthost = LOCAL
> }
> #
> realm go-globalusa.net {
> type = radius
> authhost = LOCAL
> accthost = LOCAL
> }
Ok so your acct host would be the address of your primary radius server.
You'd also need to add your secondary server as an authorised client on
your primary, and setup a shared secret between them.
You'd then add this line to accounting users
DEFAULT Proxy-To-Realm := "globalco"
Peters solution is probably more what you looking for though, and like
he said it does have the advantage of being able to que up accounting
packets if your primary goes down, so no data is lost.
Just proxying means you only have to worry about one process, and it's
slightly neater.
More information about the Freeradius-Users
mailing list