[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-users
Subject:    Re: Home server failure messages
From:       Alan DeKok <aland () deployingradius ! com>
Date:       2019-11-24 13:43:17
Message-ID: DC3A1BFF-93E4-4781-A840-0BF2554D46F6 () deployingradius ! com
[Download RAW message or body]

On Nov 22, 2019, at 3:35 PM, FRANKS, Andy (SHREWSBURY AND TELFORD HOSPITAL NHS TRUST) \
via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
> Hopefully I've understood - I did try the status_check = "status-server" option in \
> the tls (radsec) virtual server, but it seems it is not permitted: 
> Only 'status_check = none' is allowed for home servers with 'proto = tcp'

  TCP connections guarantee delivery.  So there's no reason to have a Status-Server \
check in them.

> Radsecproxy, which I toyed about with for a while, seemed to allow status checks \
> and when used in between freeradius servers (iirc) did respond to the request with \
> no issues via radsec.. Maybe there's something I'm missing, wouldn't be the first \
> time :-)

  FreeRADIUS responds to Status-Server packets over TCP.  But there's no reason to \
send Status-Server packets over TCP.

  If the connection is down, then the server gets notified.  If the connection is up, \
then sending a Status-Server packet over it won't give you any information.

  Alan DeKok.


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


[prev in list] [next in list] [prev in thread] [next in thread]