Re: secondary freeradius server if the first fallback is it possible ?

Wed, 12 Jan 2005 01:05:43 -0800

Nans Delrieu wrote: 
Thanks but how to set a proxy radius server ?
Is this fonction is integrated to freeradius ?


Yes

I haven't a REAL NAS, I have only PC. 

in clients.conf (proxy radius server)

client proxyradius.domain.com {

 secret  = rad1
 shortname = NAS1
        nastype         = other  #it is a pc
}

client primary.domain.com {
 secret  = rad2
 shortname = NAS2
        nastype         = other
}

client secondary.domain.com {
 secret  = rad3
 shortname = NAS3
        nastype         = other
}

that's ok ? 

In clients.conf of the proxyradius, you'll probably only need this:
client 127.0.0.1 {
   shortname = localhost
   secret = testing123
   nastype = other
}

That should be sufficient to use radtest on the same host.

then

proxy.conf

realm domain.com {
 type  = radius
 authhost = primaryradius.domain.com:1812
 accthost = primaryradius.domain.com:1813
 secret  = secret **
}

realm domain.com {
 type  = radius
 authhost = secondaryradius.domain.com:1812
 accthost = secondaryradius.domain.com:1813
 secret  = secret **

} 

Looks ok.
Make sure dns resolves correctly or use IP addresses!

(for primary radius :

clients.conf


client proxyradius.domain.com {

 secret  = rad1
 shortname = NAS1
        nastype         = other   # it is the same pc
}


client 127.0.0.1 {
   shortname = localhost
   secret = secret**
   nastype = other
}

idem for secondary radius.)

but how i must configure client.conf in the proxy radius server ?
in order it knows to go to radius1 or radius 2 if radius 1 fails.


That's done in proxy.conf, not in clients.conf
The configuration you pasted above for proxy.conf should work.

The schema for freeradius is

Mobile client -> NAS -> Server Radius (here freeradius) 

In your case it's: radiusclient (radtest) -> proxyradius -> homeradius

clients.conf is for freeradius in order to know NAS client. 

Yes.
The radtest utility will play client of the proxyserver.
The proxyserver will play client of the homeservers.

proxy.conf is for freedius too. 

Yes, that's where is configured where to send packets for a specific realm.

but how to simulate a REAL NAS with a pc ??

radtest can be used as client (but can't do failover automatically)
The proxyserver will play the NAS and will failover between the 2 homeservers.

--
Regards,

Thor Spruyt
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
M: +32 (0)475 67 22 65
Bestel nu uw exemplaar van Operationele verkoop (Walter Spruyt -
Liesbeth Huysmans) via www.salesguide.be Ontdek de Telenet Hotspot
service op www.telenet.be/hotspots


- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to