We are proxy some requests to a radius server that is outside our control.
Sometimes the server is unavailable and does not respond. When it does not
respond then out radius server does not respond to our lns and the lns marks
our server as dead.
My understanding is that by using the Post-Proxy-Type Fail method i can send
a failed authentication to the lns if the proxied too radius server does not
respond and avoid the lns marking my server as dead.
This is what I have done:
server home.tent {
pre-proxy {
# Insert pre-proxy rules here
}
post-proxy {
Post-Proxy-Type Fail {
detail.tent
fail
}
}
listen {
type = detail
filename = "${radacctdir}/detail.tent"
load_factor = 10
}
accounting {
update control {
Proxy-To-Realm := "tent.net"
}
}
}
home_server tent {
type = auth+acct
ipaddr = XXX.XXX.XXX.XXX
port = 1645
secret = password
response_window = 2
zombie_period = 5
status_check = request
username = "test_user_status_check"
password = "this is really secret"
}
As you can see I also have added the detail option to the Post-Proxy-Type
Fail so that accounting packets get sent to a file if the remote server does
not respond.
Do I have a flaw in my syntax or is it in my logic.
Thanx for any help.
Mark
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
