[RADIATOR] Trying to use an AuthBy to try Radsec and RADIUS on the same host
Stefan Paetow (OpenSource)
oss at eons.net
Tue Dec 17 22:42:26 UTC 2024
Hi,
We're trying to implement a mixed AuthBy where we try Radsec (RADIUS/TLS)
first on the host(s) defined for a specific realm, and when they time out,
retry on plain old RADIUS.
Can I do something like this, or will there be a clash between the two sets
of Host clauses?
<AuthBy RADSEC>
MaxFailedRequests 5
FailureBackoffTime 180
NoreplyTimeout 5
TLS_Protocols TLSv1.3, TLSv1.2
TLS_CAFile %D/cafile.crt
TLS_CertificateFile %D/certfile.crt
TLS_CertificateType PEM
TLS_PrivateKeyFile %D/certfile.key
TLS_PolicyOID [oid redacted]
Secret radsec
Port 2083
ConnectOnDemand
ProxyAlgorithm HashBalance
Asynchronous
Host fe80::44bc:f9ff:fea8:ab02
Host fe80::44bc:f9ff:fea8:ab04
<Host fe80::44bc:f9ff:fea8:ab02>
Secret this_secret_329847247
Port 1812
UseTLS 0
</Host>
<Host fe80::44bc:f9ff:fea8:ab04>
Secret this_secret_3298423657
Port 1812
UseTLS 0
</Host>
</AuthBy>
Based on the documentation (and one of the examples in the docs, not in the
goodies), this *should* be possible, but I thought I'd check first?
If this does not work, is it because the Host clauses clash?
Kind regards
Stefan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.open.com.au/pipermail/radiator/attachments/20241217/94c00d79/attachment.html>
More information about the radiator
mailing list