Hi,
I have setup a redundant proxyradius and a redundant homeradius. I'll call the proxyradius servers PA and PB I'll call the homeradius servers HA and HB
My NAS is configured to auth/acct against PA with fallback to PB PA is configured to proxy to HA with fallback to HB PB is configured to proxy to HB with fallback to HA
Now, when the NAS sends an acct packet to PA, the following happens:
- PA proxies the packet to HA and stores in detail file
- radrelay on PA relays the packet to PB
- HA stores the packet in detail file
- radrelay on HA relays the packet to HB and HB stores the packet in detail file
- PB proxies the packet to HB and stores in detail file
- HB stores the packet in detail file
- radrelay on HB relays the packet to HA and HA stores the packet in detail file
I guess I overlooked something, because...
I didn't expect PB to proxy the packet to HB because PA already proxied the packet to HA.
Here's the proxy.conf on PA:
proxy server {
synchronous = no
retry_delay = 3
retry_count = 1
dead_time = 60
default_fallback = no
post_proxy_authorize = no
}
realm NULL {
type = radius
authhost = HA-ip:1912
accthost = HA-ip:1913
secret = testing123
}
realm NULL {
type = radius
authhost = HB-ip:1912
accthost = HB-ip:1913
secret = testing123
}And here's the proxy.conf on PB:
proxy server {
synchronous = no
retry_delay = 3
retry_count = 1
dead_time = 60
default_fallback = no
post_proxy_authorize = no
}
realm NULL {
type = radius
authhost = HB-ip:1912
accthost = HB-ip:1913
secret = testing123
}
realm NULL {
type = radius
authhost = HA-ip:1912
accthost = HA-ip:1913
secret = testing123
}More configs and/or debug output can be provided if needed :)
-- Regards,
Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt - Liesbeth Huysmans) via www.salesguide.be
Ontdek de Telenet Hotspot service op www.telenet.be/hotspots
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
