Return no answer to the client if proxied access request times out

Alan DeKok aland at
Fri Jan 18 15:08:29 CET 2019

On Jan 18, 2019, at 6:17 AM, Gianni Costanzi <gianni.costanzi at> wrote:
> Thank you for your answer. Actually we can install only from official
> Redhat Enterprise repositories, due to internal policies which are quite
> restrictive. Unfortunately it’s not so easy to switch vendor when you’re
> working in big companies that must comply to tens of policies (due to ISOs,
> PCI-DSS, GDPR), I perfectly understood what you say and I have your
> attitude when working on my own systems.

  I tend to be cynical about "security" policies that prevent security from happening...

> BTW, where should the following code snipped be placed? In which
> file/section?
> Post-Proxy-Type Fail {
>                do_not_respond
>        }

  In the "Post-Proxy-Type" subsection...

$ cd /etc/raddb
$ grep -r -- 'Post-Proxy-Type'

  Takes 2 minutes...

  And if you read the debug output, it will show that it's running a post-proxy subsection.

  See sites-available/default.  It's all there....

  Alan DeKok.

More information about the Freeradius-Users mailing list