Failover Configuration

Troy Rindy Troy.Rindy at validants.com
Wed Feb 3 18:11:59 CET 2010


That was the conclusion I was coming to as well.  Just wanted confirmation
from the list.

Thanks Alan!


-----Original Message-----
From: freeradius-users-bounces+troy.rindy=validants.com at lists.freeradius.org
[mailto:freeradius-users-bounces+troy.rindy=validants.com at lists.freeradius.o
rg] On Behalf Of Alan DeKok
Sent: Thursday, January 28, 2010 10:42 AM
To: FreeRadius users mailing list
Subject: Re: Failover Configuration

Troy.Rindy at validants.com wrote:
> Send Request to our Corporate Radius Server for Two Factor Auth
> If the corporate Server is Unavailable, doesn't respond or if the user is
> not found, then
>     Use Auth-Type LDAP to Authenticate to our local LDAP repository

  The server isn't really set up to do that.  i.e. "authenticate the
user, and if authentication fails, do another authentication.

> However, I cannot get them to work together as "Try Corporate first, then
> local LDAP second".

  Try "use local LDAP first", and proxy second. :)

  If the proxy returns reject, then reject.  if LDAP returns reject,
then reject.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html




More information about the Freeradius-Users mailing list