John Paul wrote:
The issue is that if a machine is authenticated and the server that
did the authentication is down, the switch will contact the other server
and the EAP conversation will fail, causing authentication to fail.
Research indicates that this is because the client and server have
John Paul wrote:
When I tested this the first time, authentications to server 1 worked
and to server 2 did not. When I couldn't figure it out, I turned the
test machines off and left for the day. The next day I had server 1
turned off - I turned the test machines on and authentications to
Debug the switch. It's quite likely that it isn't marking the radius
server that is down as dead but it tries it again when it recieves the
challenge.
Ivan Kalik
Kalik informatika ISP
Dana 4/12/2007, John Paul [EMAIL PROTECTED] piše:
John Paul wrote:
The issue is that if a machine is
FreeRADIUS does not do session resumption. If the supplicant tries to
do session resumption, I don't know what will happen. You should ensure
that the supplicant has session resumption disabled.
Windows does support it but it's switched off by default and I have verified
this
John Paul wrote:
John Paul wrote:
The issue is that if a machine is authenticated and the server
that did the authentication is down, the switch will contact the
other server and the EAP conversation will fail, causing
authentication to fail. Research indicates that this is because
the client
Phil Mayers wrote:
There are patches to enable this, but they have not, as yet, been
integrated. In any case, they won't help you to fail over from one
server to another.
If/when those patches get integrated, it would be highly useful to
support failover between servers. I guess the
On 12/4/2007 at 10:01 AM, in message
[EMAIL PROTECTED], [EMAIL PROTECTED] wrote:
Debug the switch. It's quite likely that it isn't marking the radius
server that is down as dead but it tries it again when it recieves the
challenge.
Bingo, we have a winner. The switch was attempting to contact
Greetings,
I have 2 FreeRadius servers set up, configured nearly identically. The idea is
that if one is unavailable the NAS should look for the other. I'm attempting
802.1X with Cisco 2950s, which allow you to specify multiple RADIUS servers and
automatically failover when one is unreachable.
John Paul wrote:
The issue is that if a machine is authenticated and the server that
did the authentication is down, the switch will contact the other server
and the EAP conversation will fail, causing authentication to fail.
Research indicates that this is because the client and server have
9 matches
Mail list logo