Re: Radius client redundance
Hi, I did add the home_server nps01 { type = auth+acct ipaddr = XXX.XXX.XXX.1 port = 1812,1813 secret = secretkey rest is default? } home_server nps02 { type = auth+acct ipaddr = XXX.XXX.XXX.2 port = 1812,1813 secret = secretkey rest is default? } home_server_pool my_auth_failover { type = fail-over home_server = nps01 home_server = nps02 } But it does not seem to work, is there some attributes that i need to add, remove or change ? Regards Ole -- View this message in context: http://freeradius.1045715.n5.nabble.com/Radius-client-redundance-tp4822209p4866338.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius client redundance
oleaweel wrote: I did add the ... But it does not seem to work, is there some attributes that i need to add, remove or change ? See the FAQ for it doesn't work Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius client redundance
oleaweel wrote: Just for information, I have not been working to much with FreeRadius:). I have read the proxy.conf file but im having problems understanding the configuration. When it say home_server is this a general name ? I don't know what you mean by that. If I understand correct i need to configure a home_server_pool, and remove the realm DEFAULT that I have today ? Yes. Or is it possible to do something like the following (to configure to MS NPS) No. If the above is not possibe, is this the right way... : Pretty much, yes. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Radius client redundance
Hi, We have configured EAP-PEAP with freeradius, and forward MS-CHAP-V2 request to a Microsoft NPS server. This works fine, but we now want to implement one more Microsoft NPS server, so how do we define a second radius client. So that if the first one fails, it will automatically try the next ? We have configured the following: clients.conf client merucontroller01 { ipaddr = xxx.xxx.xxx.1 secret = secretkey nastype = other require_message_authenticator = no } proxy.conf realm DEFAULT { authhost= xxx.xxx.xxx.1:1812 accthost= xxx.xxx.xxx.1:1813 secret = secretkey } So could i just add another ip here xxx.xxx.xxx.2 in both ? Thanks for reply. Regards Ole -- View this message in context: http://freeradius.1045715.n5.nabble.com/Radius-client-redundance-tp4822209p4822209.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius client redundance
oleaweel wrote: Hi, We have configured EAP-PEAP with freeradius, and forward MS-CHAP-V2 request to a Microsoft NPS server. This works fine, but we now want to implement one more Microsoft NPS server, so how do we define a second radius client. So that if the first one fails, it will automatically try the next ? Packets are sent to home servers, not to RADIUS clients. To configure fail-over, see raddb/proxy.conf. This is documented. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius client redundance
Hi, Thanks for fast reply. Just for information, I have not been working to much with FreeRadius:). I have read the proxy.conf file but im having problems understanding the configuration. When it say home_server is this a general name ? If I understand correct i need to configure a home_server_pool, and remove the realm DEFAULT that I have today ? Or is it possible to do something like the following (to configure to MS NPS) realm DEFAULT { authhost = xxx.xxx.xxx.1:1812 accthost = xxx.xxx.xxx.1:1813 authhost = xxx.xxx.xxx.2:1812 accthost = xxx.xxx.xxx.2:1813 secret = secretkey } If the above is not possibe, is this the right way... : home_server nps01 { type = auth+acct ipaddr = XXX.XXX.XXX.1 port = 1812,1813 secret = secretkey rest is default? } home_server nps02 { type = auth+acct ipaddr = XXX.XXX.XXX.2 port = 1812,1813 secret = secretkey rest is default? } home_server_pool my_auth_failover { type = fail-over home_server = nps01 home_server = nps02 } Regards Ole -- View this message in context: http://freeradius.1045715.n5.nabble.com/Radius-client-redundance-tp4822209p4823563.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html