RE: (RADIATOR) AuthyByPolicy

2001-05-17 Thread Chris Cronje - MWeb 

Thanks for the good reply Hugh.

Chris

 -Original Message-
 From: Hugh Irvine [SMTP:[EMAIL PROTECTED]]
 Sent: Wednesday, May 16, 2001 2:59 PM
 To:   Chris Cronje - MWeb; '[EMAIL PROTECTED]'
 Subject:  Re: (RADIATOR) AuthyByPolicy
 
 
 Hello Chris -
 
 You cannot chain AuthBy RADIUS clauses like this, due to the way the 
 AuthBy RADIUS clause operates - ie. it is asynchronous. There are two 
 ways of dealing with this: first is use the CachePasswords option 
 which will tell the clause to cache recent requests and responses and 
 use the cached entry in case the proxy does not respond. Otherwise 
 you can use a NoReplyHook (there is an example in the file 
 goodies/hooks.txt).
 
 Probably a better approach in any case is to define multiple targets 
 for the proxy and have Radiator fail over automatically. There are 
 several such modules in Radiator 2.18.1 (RADIUS, ROUNDROBIN, 
 VOLUMEBALANCE, LOADBALANCE).
 
 hth
 
 Hugh
 
 
 At 21:54 +0200 15/5/01, Chris Cronje - MWeb wrote:
 Hi There
 
 I was wondering if anyone has done this before ?
 I'm using Radiator to authenticate off another Radiator server, like a
 proxy. If the radius server fails, I want my proxy to mark the server
 dead
 for 10 minutes and then continue to the next Authby clause, which is
 AuthBy
 FILE.
 
 What happens in practise is that if my proxy receives a timeout, it
 retransmits once, marks the server dead for 10 minutes and then says:
 
 Tue May 15 21:53:41 2001: INFO: AuthRADIUS could not find a working host
 to
 forward to. Ignoring
 
 But, it never goes to the next AuthBy statement.
 
 Am I doing something wrong in my config here ?
 
 
 Realm DEFAULT
 AuthByPolicy ContinueUntilIgnore
   AuthBy RADIUS
   Host x.x.x.x
   Retries 1
   RetryTimeout 3
   FailureBackoffTime 600
   Secret M@x$3$$!0n$
   /AuthBy
 
   AuthBy FILE
   Filename users
   AcceptIfMissing
/AuthBy  
 
 /Realm   
 ===
 Archive at http://www.open.com.au/archives/radiator/
 Announcements on [EMAIL PROTECTED]
 To unsubscribe, email '[EMAIL PROTECTED]' with
 'unsubscribe radiator' in the body of the message.
 
 -- 
 
 NB: I am travelling this week, so there may be delays in our
 correspondence.
 
 Radiator: the most portable, flexible and configurable RADIUS server
 anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
 Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
 Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) AuthyByPolicy

2001-05-15 Thread Chris Cronje - MWeb 

Hi There

I was wondering if anyone has done this before ?
I'm using Radiator to authenticate off another Radiator server, like a
proxy. If the radius server fails, I want my proxy to mark the server dead
for 10 minutes and then continue to the next Authby clause, which is AuthBy
FILE.

What happens in practise is that if my proxy receives a timeout, it
retransmits once, marks the server dead for 10 minutes and then says:

Tue May 15 21:53:41 2001: INFO: AuthRADIUS could not find a working host to
forward to. Ignoring 

But, it never goes to the next AuthBy statement.

Am I doing something wrong in my config here ?


Realm DEFAULT
AuthByPolicy ContinueUntilIgnore
 AuthBy RADIUS
 Host x.x.x.x
 Retries 1
 RetryTimeout 3
 FailureBackoffTime 600
 Secret M@x$3$$!0n$
 /AuthBy

 AuthBy FILE
 Filename users 
 AcceptIfMissing
  /AuthBy   

/Realm
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.