Re: Secondary authentication server in MAX4000

Josh Hillman ( (no email) )
Mon, 12 May 1997 09:55:46 -0400

The Max will only go the the secondary server if the first one is not
responding (radius or the machine crashes, etc.) You need to copy/move the
"users" text file onto the same machine where your Emerald db / radius is
located. Then the Max will search as needed (on one machine).

Josh Hillman

> I am attempting to move Emerald out of our testing environment and onto
> our operating equipment for further testing. At first I am not wanting
> to move all of our users into the Emerald database, but rather only a
> handful of our internal accounts for testing sake. I wish to leave the
> rest on our existing Radius using the 'users.' text file for the time
> being. It is my understanding that the MAX is supposed to check it's
> internal list for authentication, then check each of it's listed
> authentication servers to find a match. This is to say if I put an
> account in Emerald, say 'test' for example, that the MAX should check
> it's internal list and find no match for 'test', then check our existing
> Radius still using the 'users.' file and find no match for 'test', then
> check our Radius using the Emerald database and find a match. This is
> not what is happening however. The MAX is checking it's internal list,
> checking our existing Radius, but never sending authentication requests
> to the Emerald Radius at all. As soon as the existing Radius rejects
> the id I disconnect without ever checking the next server. The MAX4000
> is however properly sending all accounting information to the new Radius
> which is listed as a second accounting server. Any idea what is
> happening here? Here is the MAX config:
> Ethernet, Mod Config, Auth:
> Auth Host #1= (our existing Radius using users. )
> Auth Host #2= (our test Radius using the Emerald d-base)
> Auth Host #3=
> Auth Port=1645
> Auth Src Port=0
> Auth Timeout=5
> Auth Key=********
> Auth Pool=Yes
> Auth TS Secure=Yes
> Auth Send Attr. 6,7=Yes
> Local Profiles First=Yes
> Auth Req=Yes
> CLID Timeout Busy=No
> CLID Fail Busy=No
> APP Server=No
> APP Host=N/A
> APP Port=N/A
> SecurID DES encryption=N/A
> SecurID host retries=N/A
> SecurID NodeSecret=N/A
> Sess Timer=N/A