Hi, > Just checking in on this, I have plenty of patience. I just don't want to > find myself in a situation down the road where a currently-unknown security > issue or bug in 2.1.4 forces an upgrade, since our current configuration > doesn't seem to work with 2.1.8...
what are you proxying the inner details to the IAS box as - are you using the default configuration or have you turned off the tunnel-type eg proxy_tunneled_request_as_eap = no ? PS regarding the proxy status - so long as you choose the username/password in that configuration that you IAS box knows (and rejects) then you should know pretty quickly when/of the server is up. the default timers do need some good tweaks in terms of failover... when balance method are you using for the 2 servers in your pool? the default timers are something like 2 minutes to bring back to life, a 30 second interval between status checks (ping/request) and zombie timer of 40 seconds...these might be wildly too large for your requirements. alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html