Post-Proxy-Type Reject handling

Julius Plenz plenz at
Fri Nov 1 15:10:17 CET 2013


I'm a little bit confused by the change introduced in commit
4b9d325515 ("Set Post-Proxy-Type Reject if the request was rejected by
the proxy server") from 19 Dec 2012.

I think most users, including me, expect that a Reject reply received
from a remote RADIUS server is automatically forwarded by the
mediating RADIUS server to the client. But it seems this patch changes
the default behaviour. What I'm seeing is that such a Reject reply
will be silently discarded and *not* forwarded to the client.

This may break a few setups. Sadly, the Post-Proxy-Type "Reject"
is not even mentioned anywhere in the example config files. Especially
I would suggest adding a hint akin to the "Fail" case in

What is the correct move to make FreeRADIUS behave like pre-2.2.1,
i.e. just forwarding the proxy reply? I'm guessing I should duplicate
my "post-proxy" modules again inside a Post-Proxy-Type Reject {}

Thank you,


More information about the Freeradius-Users mailing list