Hi, > active sessions and if he is allowed to have a session the request is > proxied to the FUNK server that performs the actual authentication. So > the setup is a classical proxy setup. This policy decision of whether ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
whoah. steady on there. this is not a classical proxy setup. in a classical proxy setup ALL autentication is handled by a 3rd party. in this case you are doing an LDAP authorization on the FreeRADIUS box. the fact that this works on testing but not in high-volume production points a marked finger towards this LDAP process. alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html