FreeRADIUS High Availability with AD Integration
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Mon Mar 30 23:00:33 CEST 2015
Hi,
> I've a single FreeRADIUS 3 server integrated in a AD domain to provide 802.1x authentication over the air and in the Ethernet cable. It's working perfectly, but I would like to implement an High Availability feature.
okay.... you can either have multiple ntlm_auth's defined in multiple mschap modules and do the
same way as mysql HA - with failover/error redundancy....or
> The question is how to do this? Just install another FreeRADIUS server independently and everything would be fine?
...use multiple RADIUS servers that are bound into the AD yes.
>Since the supplicants can use two distinct RADIUS servers.
no. the NAS ca use multiple RADIUS servers - the supplicant in the OS hasnt a clue about anything.
and whilst you can use different RADIUS certs, dont. just use the same cert, signed by the same CA.
alan
More information about the Freeradius-Users
mailing list