Home server failure messages
Alan DeKok
aland at deployingradius.com
Sun Nov 24 14:43:17 CET 2019
On Nov 22, 2019, at 3:35 PM, FRANKS, Andy (SHREWSBURY AND TELFORD HOSPITAL NHS TRUST) via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
> Hopefully I've understood - I did try the status_check = "status-server" option in the tls (radsec) virtual server, but it seems it is not permitted:
>
> Only 'status_check = none' is allowed for home servers with 'proto = tcp'
TCP connections guarantee delivery. So there's no reason to have a Status-Server check in them.
> Radsecproxy, which I toyed about with for a while, seemed to allow status checks and when used in between freeradius servers (iirc) did respond to the request with no issues via radsec..
> Maybe there's something I'm missing, wouldn't be the first time :-)
FreeRADIUS responds to Status-Server packets over TCP. But there's no reason to send Status-Server packets over TCP.
If the connection is down, then the server gets notified. If the connection is up, then sending a Status-Server packet over it won't give you any information.
Alan DeKok.
More information about the Freeradius-Users
mailing list