That was the conclusion I was coming to as well. Just wanted confirmation from the list.
Thanks Alan! -----Original Message----- From: freeradius-users-bounces+troy.rindy=validants....@lists.freeradius.org [mailto:freeradius-users-bounces+troy.rindy=validants....@lists.freeradius.o rg] On Behalf Of Alan DeKok Sent: Thursday, January 28, 2010 10:42 AM To: FreeRadius users mailing list Subject: Re: Failover Configuration troy.ri...@validants.com wrote: > Send Request to our Corporate Radius Server for Two Factor Auth > If the corporate Server is Unavailable, doesn't respond or if the user is > not found, then > Use Auth-Type LDAP to Authenticate to our local LDAP repository The server isn't really set up to do that. i.e. "authenticate the user, and if authentication fails, do another authentication. > However, I cannot get them to work together as "Try Corporate first, then > local LDAP second". Try "use local LDAP first", and proxy second. :) If the proxy returns reject, then reject. if LDAP returns reject, then reject. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html