Proxy(-like)+Cache configuration

Phil Mayers p.mayers at imperial.ac.uk
Mon Sep 19 12:33:34 CEST 2011


On 19/09/11 11:10, Lorenzo Milesi wrote:
> hi. can I make a configuration where I have a radius server which
> authenticates over an external radius (basically a proxy), but caches
> the successful logins, so that known users won't get asked upstream
> (at least for a certain time)?

If the authentication protocol is PAP, yes. You would need to use the 
post-auth section to create some kind of cache entry, and check it on 
future requests. But it's a bad idea.

For any other authentication protocol (CHAP, EAP), no.

>
> I don't want to replicate the backend database.

Just replicate it. It'll be far easier than trying to hack something up.



More information about the Freeradius-Users mailing list