freeradius2 Proxy fail-over issues
Alan DeKok
aland at deployingradius.com
Tue May 26 07:58:46 CEST 2009
Emmett Culley wrote:
> However, as soon as I attempt to define a set of main and backup
> servers, then use the auth_pool and acct_pool variables I get the
> following error:
>
> "Ignoring spoofed proxy reply. Signature is invalid"
That's pretty definitive. It means that the shared secret is wrong.
> Of course, the main reason I upgraded at all was to be able to define a
> pool of servers. I've searched Google and cannot find any references to
> this issue. Here is the proxy.conf lines that matter:
Which doesn't show the primary && secondary server configuration that
causes the problem.
My guess is that you've configured the *same* shared secret for both
home servers. Then, the home servers have been configured with
*different* shared secrets for the proxy.
Use "radclient" from the proxy to send packets to the home servers.
It will need to use the same shared secret that the proxy *should* have.
If you can get radclient working, the same shared secret will work with
the proxy.
Alan DeKok.
More information about the Freeradius-Users
mailing list