>I've set up a 2.1.4 server, and working pretty well with authentication >against LDAP alone. What I've noticed though is that if the LDAP server is >down on the same box then the LDAP module, rightfully, fails. However whilst >this leaves the service unable to authenticate the user, it still replies >back with a REJECT packet to the client. As such the client switch / router >whatever, doesn't try the next server in it's config, as it's had a valid >RADIUS response. > >Is there any way to force a logic whereby if the ldap module fails, it would >drop the RADIUS request on the floor, to make it look like a service failure >to the client?
Read the list. There is another thread about the same "problem". Only about unreachable sql servers. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html