* This is the VOP Radius mailing list * Hey Scott, I am working on a backup radius server using BSD/ freeRadius. I just started with it this afternoon/ evening and am wondering what BSD based Radius you are running over there. FreeRadius seems to be really feature packed. Thanks. Lewis
----- Original Message ----- From: "Scott Wolf" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, December 23, 2002 11:14 AM Subject: [VOP RADIUS] Fallback > * This is the VOP Radius mailing list * > We have gotten VOP Radius to fallback to the BSD based radius server on > user not found. Radius server type had to be set to ROAMER. I can see in > the BSD logs that a user is AUTH'd ok. Appears to make it back to the > VOP Radius server. But the user ends up getting disconnected. Attached > is what I see at the NAS Server end. The line that appears to be the > error is "Dec 23 17:10:09.296 UTC: RADIUS: no appropriate authorization > type for user." Anyone have any ideas. Thanks, > > Scott Wolf > Aginet > > > > Scott Wolf wrote: > > > * This is the VOP Radius mailing list * > > I have retries set to 1 as I thought that could be a problem. I load > > up voptest, set it to 3 tries (simulate the nas) and it will > > authenticate users in the main source (ODBC - rodopi), but it just > > times out if I try a user in the fallback source. I can check the logs > > of the fallback radius server and not requests are sent to it. To do > > some testing I set the primary method to radius server and it did > > sucessfully proxy the requests over to the second server (wanted to > > verify passwords and connectivity). If this issue is beyond basic > > support, just send me an e-mail off the list. I realise we have no > > support contract and this is an old version. > > > > Scott Wolf > > > > Customer Support wrote: > > > >> * This is the VOP Radius mailing list * > >> Scott, > >> > >> In the RADIUS => Cache/Fallback panel, you have to make sure you > >> specify ONE > >> retry only. Also, it depends on your primary authentication method. > >> For > >> instance, fallback doesn't work with NT/SAM authentication as the > >> primary > >> authentication. Fallback occurs only after the n+2'd retry where > >> n=value of > >> the retries. So your NAS (or VOPTest) has to send n+2 packets before > >> the > >> fallback kicks in. > >> > >> -- > >> Yves Lacombe > >> SPAM Fighting team & > >> Technical Support > >> > >> > >> ----- Original Message ----- > >> From: "Scott Wolf" <[EMAIL PROTECTED]> > >> To: <[EMAIL PROTECTED]> > >> Sent: Friday, December 20, 2002 9:23 PM > >> Subject: [VOP RADIUS] Fallback > >> > >> > >> > >> > >>> * This is the VOP Radius mailing list * > >>> I am having problems trying to do fallback authentication to another > >>> radius server running on BSD. I have the method set to "Radius Server", > >>> the ip address of the BSD radius server in the ip box, the "Apply > >>> method > >>> if user not found box" is checked also. I also have the seconday box > >>> set > >>> up in clients with the password. I can see in the log file where it > >>> forces backup authentication, but it never seems to try it. The BSD > >>> server never shows any attempts to contact it. Seems very off. > >>> Wondering > >>> if this is a known issue (we are running an old version 2.2.211). > >>> Thought someone out there might have some idea. I have given up. > >>> > >>> > >>> > >>> > >>> ** > >>> To leave this list, send an email to [EMAIL PROTECTED] > >>> and put the word "LEAVE" in the BODY of the email. > >>> > >>> > >> > >> > >> > >> ** > >> To leave this list, send an email to [EMAIL PROTECTED] > >> and put the word "LEAVE" in the BODY of the email. > >> > >> > >> > > > > > > > > ** > > To leave this list, send an email to [EMAIL PROTECTED] > > and put the word "LEAVE" in the BODY of the email. > > > > > > ** > To leave this list, send an email to [EMAIL PROTECTED] > and put the word "LEAVE" in the BODY of the email. ** To leave this list, send an email to [EMAIL PROTECTED] and put the word "LEAVE" in the BODY of the email.
