On 28 Sep 2011, at 07:12, Zeus V Panchenko wrote: > Hi, > > *please*, I need advice in choosing the strategy for the distributed EAP > authentification scheme > > so, here are details of what I have and want: > > I run FreeRadius with EAP configured > > all my WiFi AP are configured to communicate with the radiusd and > everything works fine > > now I need to extend my VPN with several remote branches where inet > connection is not stable, but I need to provide WiFi access there too > even in case when inet connection is off ... > > > so, is it possible to use local (for each branch) radiusd to allow > access, *but* : > > 1. if inet is alive, than authenticate via the central radius > 2. if inet connection is not established, authenticate via local mechanism > (preferably EAP) >
Yes, home server pools let you specify a 'fallback' home server which can point to a virtual server. It should be working in v2.1.x but is currently broken in 3.x. See proxy.conf for details. Arran Cudbard-Bell [email protected] Betelwiki, Betelwiki, Betelwiki.... http://wiki.freeradius.org/ ! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
