Ankur G <anku...@globallogic.com> wrote: > > We have a little different scenario. We have two different instances of web > server connecting to two different Radius server such that if one of the > radius server not able to connect the webserver, radius client can fail over > to > another radius server which has a different web-server connecting. Find > below is the scenario: > > /--W1--\ -- /--- R1 ---\ > --- C > /--W2--\ -- /--- R2 ---\ > Why can't R1 talk to W1 *and* W2? Your module should be able to try using both surely (if W1 fails, it should try W2)?
I suspect it would be a strange network failure if W1 and W2 are unreachable to R1 but R2 could still speak to W2 (misconfiguration rather than node/router failure)? Well, you should still use FAIL in your module rather than REJECT if something internal to the module has failed. Combine this with what Alan already has pointed you to, do_not_respond in policy.conf, and you should be able to get to where you want to be. Cheers -- Alexander Clouter .sigmonster says: If you sow your wild oats, hope for a crop failure. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
