> -----Original Message-----
> From: Mike McCauley [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, 27 January 2000 12:27 PM
> To: Andrew Pollock; [EMAIL PROTECTED]
> Subject: Re: (RADIATOR) Rejecting rather than Ignoring requests
>
>
> Hi Andrew,
Hi Mike,
> You can catch the case where its a realm the central server does
> not know about
> by adding a
>
> <Realm DEFAULT>
> </Realm>
>
> to your config, which will reject any requests from realms not otherwise
> handled.
>
> AS for rejecting if the certral server does not reply (due connectivity
> problems) Im not sure that changing the behaviour will gain you
> anything? From
> the users point of view it would be the same: a delay, followed by
> disconnection.
Well actually, the NAS will fail over (unnecessarily, as far as I'm
concerned) to the secondary RADIUS server, which (for redundancy reasons) is
outside the hierarchy I described previously. Our NAS equipment (and I
believe a few other vendors') don't readily swap back over to the primary
RADIUS server again in a hurry, and it isn't acceptable to have
authentication outside the roaming hierarchy for extended periods of time,
hence my problem.
> In any case, there is no way (without changing the code) to send
> a reject if
> the retransmits to the central server time out.
Hmm, I don't particularly want to have to do that, but can you point me in
the right direction? What is the intended purpose of multiple AuthBy's in a
Handler? The documentation suggests that it does what I want it do do.
Andrew
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
