I use userland ppp with radius authentication against 2 radius servers, on a freebsd 4.8-stable box that i use as a router/gateway.
The two servers are on two different interfaces, it seems that when i unplug the first server (#1 in radius.conf) from the switch the arp cache on the gateway will time out and a "Host is down" message is generated (or icmp host unreachable). All authentication requests are then automatically denied without consulting the second server. If i then swap the order of the radius servers in radius.conf while the first server is still down, i get authenticated. If i arp -s the mac address of the unplugged server, and it's the first one in radius.conf, the authentication mechanism proceeds to query the second server and i get authenticated. Is this intended or is it one of those icmp unreach/host down issues i've seen more and more often lately? i read this in 'man radius.conf': Up to 10 RADIUS servers may be specified for each service type. The servers are tried in round-robin fashion, until a valid response is received or the maximum number of tries has been reached for all servers. uname -a: FreeBSD fictious 4.8-RELEASE FreeBSD 4.8-RELEASE #0: Sun Aug 3 00:55:37 GMT 2003 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/WACCESS i386 - Sten _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"