3. FreeRadius replication

FreeRadius replication

  • I

    Hi,

    I have two Pfsenses boxes running freeradius but I would like to make one of them replicate the users information from the other one.

    I tried setting up a script to copy the users file via shh

    scp root@myradius.mydomain.com:/usr/local/etc/raddb/users /usr/local/etc/raddb/users

    and then restarting the radiusd service but it does not seems to be working

    If i go to the GUI no users show up and if I add one the whole users file gets re-written and will only include the user that I just added via the GUI

    has anyone run into this issue before? is there better way to set the replication?

    0
  • N

    Hi,

    I think there are different files for the GUI and the real "users" file of freeRADIUS.
    I think you can sync the users files of both freeRADIUS and it will work but it will not show up in the GUI.
    And like you said - after doing any changes on the freeRADIUS GUI all changes you did before will get lost.

    I think you'll have to find the file which is responsible for the freeRADIUS GUI and sync this file, too.

    If you found any solution, please let me know!

    0
  • I

    I Think I got it….
    but I'm still testing

    the easiest way seems to be to be to update /cf/conf/config.xml

    and the run
    ./etc/rc.filter_configure
    ./etc/rc.packages

    it seems that if you do other changes to the config.xml file
    you should also run
    ./etc/rc.filter_configure_xmlrpc

    for those changes to take effect.

    hopefully this information helps other people.

    0
  • N

    Hi,

    is this working for you, now ?

    How do you only update the freeradius content of the config.xml file ?
    Or did you found another solution ?

    Thanks for your feedback.

    0

  • Look at any .inc file from packages that sync conf between pfSense boxes and you will see that it's not So hard.

    Then create an php script to do it for you.

    0
  • N

    @marcelloc:

    Look at any .inc file from packages that sync conf between pfSense boxes and you will see that it's not So hard.

    Then create an php script to do it for you.

    Can you tell me one or two packages which are doing that ?
    My both pfsense machines are NOT running in CARP mode - so is it than still possible to sync the packages ?

    0

  • Varnish, postifix, haproxy.

    You do not need carp enabled to use it.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy