hostapd 0.5.7: failover to secondary RADIUS problem

Lambert Anne anne.lambert at thomson.net
Thu Apr 3 10:28:41 EDT 2008


Hi,

I am using hostapd 0.5.7 + madwifi driver and a Cisco card on a RHEL5
system. Hostapd is configured to use 802.1X authorization with 2
external Authentication Servers. The radius servers are both running
under RHEL4 and use freeradius-server-2.0.1.

Here is the relevant part of the hostapd.conf file:
---
ieee8021x=1

own_ip_addr=10.0.0.26

auth_server_addr=10.0.0.27
auth_server_port=1812
auth_server_shared_secret=ThisIsASecret

auth_server_addr=10.0.0.25
auth_server_port=1812
auth_server_shared_secret=ThisIsASecret

wpa_key_mgmt=WPA-EAP
---

This is working fine when the primary server is started. 
I wanted however to test the failover to the secondary server: I stopped
the primary server and waited to see when hostapd would start using the
secondary one. And this never happened... 

I saw the following in the printouts:
recv[RADIUS]: Connection refused

which seems normal since the server is not running but hostapd never
seem to try the secondary one...

I then shut down the IP address attached to the primary server and
noticed that this time hostapd was switching to the secondary server.


Is this an expected behaviour? 
If yes, is it possible to configure/change this behaviour so that a
"Connection refused" error leads to a failover?


Regards,


Anne Lambert
 


More information about the HostAP mailing list