Hiya Not sure if I have asked this already... I need to be able to have freeRadius not respond AT ALL if it cannot contact any databases, as opposed to sending auth rejections. The logic (crazy as it sounds initially) is this.
Imagine the setup. 3 locations (A,B & C) each with their own NAS (A,B & C) and also each with their own FreeRADIUS (A,B & C). They are configured so that NAS A talks to RADIUS A primarily, and then fails over to RADIUS B or C, and equivalent for each of the other sites. RADIUS A is configured to use it's local database as well as the databases of RADIUS B & C, and the same for the other RADIUS servers. Now. Suppose there are some problems, and RADIUS A cannot talk to it's local db, but also cannot talk to RADIUS B or C's db's. It is going to send out Auth Rejects for every request NAS A sends to it. This doesn't sound too much like a problem, except that NAS A can see RADIUS B without issue and RADIUS B is still happy. So what we have here is a NAS refusing connections due to RADIUS A, when infact if RADIUS A didn't respond it would try using RADIUS B, and be able to authenticate connections. I know this situation is very unlikley, but I am sure most people are aware that 1 in a million chances happen 9 times out of 10 (especially when computers are involved! :) ) Is it possible to configure this into freeRADIUS? or am I going to require some sort of exterior monitor to kill off freeRADIUS should this occur? Thanks for your help -- ----- Graeme Hinchliffe (BSc) Core Internet Systems Designer Zen Internet (http://www.zen.co.uk) ICQ 3842605 (link) Sales : 0870 6000 971 Fax : 0870 6000 972 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html