How to set properly failover ?
Alexandre Chapellon
alexandre.chapellon at mana.pf
Fri Jul 23 21:00:18 CEST 2010
Le vendredi 23 juillet 2010 à 20:09 +0200, Jevos, Peter a écrit :
> Hi alex, thank you for your mail, helped a lot : )
>
> Now it's working, no idea why and how but working : )
>
> Here is my config:
> Users:
>
> DEFAULT Auth-Type := vpn_auth_name,Huntgroup-Name == "vpn"
> Fall-Through = Yes
>
Setting Auth-Type is discouraged. further more setting
Auth-Type to a module name sounds like an error to me (but maybe am i
mistaking)
I think you can remove Auth-Type
> Radiusd.conf:
> instantiate {
>
> redundant vpn_auth_name {
> group {
> ntlm_auth_vpn1 {
> reject = 1
> ok = return
> }
> ntlm_auth_vpn2 {
> reject = 1
> ok = return
> }
> }
>
Why are you using group inside redundant... I'm not sure this is
usefull.
Using ntlm_auth_vpn1 and ntlm_auth_vpn2 should be enough. Look here for
more infos and example of how redundant modules are set:
http://wiki.freeradius.org/Fail-over
> And the sites-available/default:
> Authenticate {
> vpn_auth_name
> }
>
> Thanks , have a nice day
> p
>
>
> -----Original Message-----
> From:
> freeradius-users-bounces+peter.jevos=oriflame.com at lists.freeradius.org
> [mailto:freeradius-users-bounces+peter.jevos=oriflame.com at lists.freeradi
> us.org] On Behalf Of alexandre.chapellon at mana.pf
> Sent: Friday, July 23, 2010 7:44 PM
> To: FreeRadius users mailing list
> Subject: Re: How to set properly failover ?
>
> This how I do, but it's not the only way and may not feet your needs:
>
> In radiusd.conf, instantiate a redundant module:
> instantiate {
> ...
> redundant ha_auth_name {
> ntlm_auth_vpn1
> ntlm_auth_vpn2
> }
> ...
> }
>
> In default sites config, section authorize
>
> authorize {
> ...
> ha_auth_name
> ...
> }
>
>
> Quite simple and works great here for some other moduls (SQL)
> Hope it helps.
>
> ---- Message original----
> >Date: Fri, 23 Jul 2010 18:45:30 +0200
> >From:
> freeradius-users-bounces+alexandre.chapellon=mana.pf at lists.freeradius.or
> g (on behalf of "Jevos, Peter" <Peter.Jevos at oriflame.com>)
> >Subject: How to set properly failover ?
> >To: "FreeRadius users mailing list"
> <freeradius-users at lists.freeradius.org>
> >
> > Hi guys
> >
> >
> >
> > I'm really trying but it's not easy to find
> > somehitng in the documenatiion.
> >
> > I have 2 modules ntlm_auth_vpn1/2 and I like to do
> > failover.
> >
> > I tried this but I was not sucesfull:
> >
> >
> >
> > In the modules I have 2 files, ntlm_auth_vpn1 and
> > ntlm_auth_vpn2
> >
> > In the sites-available/default I have:
> >
> >
> >
> > # Allow EAP authentication.
> >
> > eap
> >
> > ntlm_auth
> >
> >
> >
> > ntlm_auth_vpn {
> >
> > group {
> >
> >
> > ntlm_auth_vpn1 {
> >
> >
> > reject = 1
> >
> >
> > ok = return
> >
> >
> > }
> >
> >
> > ntlm_auth_vpn2 {
> >
> >
> > reject = 1
> >
> >
> > ok = return
> >
> >
> >
> > }
> >
> > }
> >
> > }
> >
> >
> >
> > In my users file is:
> >
> >
> >
> > DEFAULT Auth-Type := ntlm_auth_vpn,
> >
> > Fall-Through = Yes
> >
> >
> >
> > What should be the correct syntax ?
> >
> > Freeradius is great tool , however every step
> > forward is like a childbirth : )
> >
> > What I'm really missing is what should be placed
> > where.
> >
> >
> >
> > I'd really enjoy the new book . I hope it will be
> > released soon : )
> >
> >
> >
> > Thanks
> >
> >
> >
> > Pet
> >________________
> >-
> >List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100723/b68108b6/attachment.html>
More information about the Freeradius-Users
mailing list