Concatenation of authentication

Jérôme MATER jmater at
Wed May 7 17:34:09 CEST 2014

Hi Alan,

Thanks for your answer.

There 4000 users! And the priority is the authentication with token.
SQL database should be use only if  a user loses his token.

The solution would be to have 2 freeradius, one for token authentication 
and the other one for SQL database ?


Le 07/05/2014 13:14, Alan DeKok a écrit :
> Jérôme MATER wrote:
>> I have made both configurations and it works separately. However, the
>> goal is :
>> 1) I want to authenticate users with Windows Radius server and
>> authentication with token
>> 2) If authentication 1 failed, then user tries to connect on the SQL
>> database automatically.
>    That's not really how RADIUS works.  If the user is rejected, you
> can't turn that into an accept.
>> I've tried with post-auth section, post-proxy section...
>> Is it possible ? How can I do that.
>    You can't.
>    Instead, determine which users should use SQL, and which users should
> authenticate via the Windows RADIUS server.  Then, make them do that.
>    Alan DeKok.
> -
> List info/subscribe/unsubscribe? See

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Freeradius-Users mailing list