Re: Radius client redundance
Hi,
I did add the
home_server nps01 {
type = auth+acct
ipaddr = XXX.XXX.XXX.1
port = 1812,1813
secret = secretkey
rest is default? }
home_server nps02 {
type = auth+acct
ipaddr = XXX.XXX.XXX.2
port = 1812,1813
secret = secretkey
rest is default? }
home_server_pool my_auth_failover {
type = fail-over
home_server = nps01
home_server = nps02
}
But it does not seem to work, is there some attributes that i need to add,
remove or change ?
Regards
Ole
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Radius-client-redundance-tp4822209p4866338.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius client redundance
oleaweel wrote: I did add the ... But it does not seem to work, is there some attributes that i need to add, remove or change ? See the FAQ for it doesn't work Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius client redundance
oleaweel wrote: Just for information, I have not been working to much with FreeRadius:). I have read the proxy.conf file but im having problems understanding the configuration. When it say home_server is this a general name ? I don't know what you mean by that. If I understand correct i need to configure a home_server_pool, and remove the realm DEFAULT that I have today ? Yes. Or is it possible to do something like the following (to configure to MS NPS) No. If the above is not possibe, is this the right way... : Pretty much, yes. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Radius client redundance
Hi,
We have configured EAP-PEAP with freeradius, and forward MS-CHAP-V2 request
to a Microsoft NPS server. This works fine, but we now want to implement one
more Microsoft NPS server, so how do we define a second radius client. So
that if the first one fails, it will automatically try the next ?
We have configured the following:
clients.conf
client merucontroller01 {
ipaddr = xxx.xxx.xxx.1
secret = secretkey
nastype = other
require_message_authenticator = no
}
proxy.conf
realm DEFAULT {
authhost= xxx.xxx.xxx.1:1812
accthost= xxx.xxx.xxx.1:1813
secret = secretkey
}
So could i just add another ip here xxx.xxx.xxx.2 in both ?
Thanks for reply.
Regards
Ole
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Radius-client-redundance-tp4822209p4822209.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius client redundance
oleaweel wrote: Hi, We have configured EAP-PEAP with freeradius, and forward MS-CHAP-V2 request to a Microsoft NPS server. This works fine, but we now want to implement one more Microsoft NPS server, so how do we define a second radius client. So that if the first one fails, it will automatically try the next ? Packets are sent to home servers, not to RADIUS clients. To configure fail-over, see raddb/proxy.conf. This is documented. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius client redundance
Hi,
Thanks for fast reply.
Just for information, I have not been working to much with FreeRadius:). I
have read the proxy.conf file but im having problems understanding the
configuration. When it say home_server is this a general name ?
If I understand correct i need to configure a home_server_pool, and remove
the realm DEFAULT that I have today ? Or is it possible to do something like
the following (to configure to MS NPS)
realm DEFAULT {
authhost = xxx.xxx.xxx.1:1812
accthost = xxx.xxx.xxx.1:1813
authhost = xxx.xxx.xxx.2:1812
accthost = xxx.xxx.xxx.2:1813
secret = secretkey
}
If the above is not possibe, is this the right way... :
home_server nps01 {
type = auth+acct
ipaddr = XXX.XXX.XXX.1
port = 1812,1813
secret = secretkey
rest is default? }
home_server nps02 {
type = auth+acct
ipaddr = XXX.XXX.XXX.2
port = 1812,1813
secret = secretkey
rest is default? }
home_server_pool my_auth_failover {
type = fail-over
home_server = nps01
home_server = nps02
}
Regards
Ole
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Radius-client-redundance-tp4822209p4823563.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
