Hi all,
I'm trying to persuade my RADIUS server to behave like so (it's 1.0.2, doing
authentication by eap-tls, if you care):
1) proxy all requests to a remote RADIUS server, who we'll call Bob
2a) if it receives an ACCEPT, Alice (my server) accepts
2b) if it receives a REJECT, Alice processes the request herself as if she had
never proxied it to Bob in the first place.
I've got part #1 and #2a working, but I can't get #2b. After reading the docs,
this seems like it should just require a few edited lines of proxy.conf, users,
and the post-proxy {} part of radiusd.conf. I haven't been able to set those
settings right -- RADIUS keeps bailing out as soon as it receives REJECT. And
I'm not sure that what I'm trying to do is even acceptable behavior by the RFC
specs.
I'm hoping someone out there more clever than I has already worked this out, or
might have some ideas. How about it? Thanks a bunch, in advance,
Nick Santos
PKI/Trust Lab
Dartmouth College, Hanover NH
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
