Failover Configuration

Troy Rindy Troy.Rindy at
Wed Feb 3 18:11:59 CET 2010

That was the conclusion I was coming to as well.  Just wanted confirmation
from the list.

Thanks Alan!

-----Original Message-----
From: at
[ at lists.freeradius.o
rg] On Behalf Of Alan DeKok
Sent: Thursday, January 28, 2010 10:42 AM
To: FreeRadius users mailing list
Subject: Re: Failover Configuration

Troy.Rindy at wrote:
> Send Request to our Corporate Radius Server for Two Factor Auth
> If the corporate Server is Unavailable, doesn't respond or if the user is
> not found, then
>     Use Auth-Type LDAP to Authenticate to our local LDAP repository

  The server isn't really set up to do that.  i.e. "authenticate the
user, and if authentication fails, do another authentication.

> However, I cannot get them to work together as "Try Corporate first, then
> local LDAP second".

  Try "use local LDAP first", and proxy second. :)

  If the proxy returns reject, then reject.  if LDAP returns reject,
then reject.

  Alan DeKok.
List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list