Hi! I still can't find solution to my problem in documentation so I'll rephrase the question.
Is it possible to proxy requests in a way analogous to bogus example below? realm example.com { auth_pool = pool1 { reject = 1 ok = return } auth_pool = pool2 { reject = 1 ok = return } } # Authentication fails only if both pools return reject. I know documentation says "... It proxies packets ONLY when it receives a packet or a re-transmission from the NAS. If the NAS never re-transmits, the proxy never re-transmits, either." Can someone at least suggest in what direction to look for solution? Thank you, Matija >>> Matija Levec 24.9.2010 16:24 >>> Hi everyone! First a little bit of explaining... - auth_server 1 client - fr_proxy -[ - auth_server 2 (client=random NAS, fr_proxy=freeradius, auth_server=two-factor auth server(s)) Currently we have clients authenticating directly to auth_server 1. We would like to gradually (and transparently) move users to new authenticators which use auth_server 2 Question What I would like to accomplish is: If auth_server 1 returns notfound or reject or fail, proxy request to auth_server 2 Is it possible to use 'configurable module fail over'-like syntax for configuring proxy (home)servers? I hopes this makes sense. Anyway... all ideas appreciated! Regards, Matija - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html