(RADIATOR) Proxy RADIUS config problem w/ RADIATOR (need help)
James Laszko
jamesl at tfbnet.com
Mon May 14 18:28:23 CDT 2001
Jared:
Something is clicking in the back of my mind that says that Livingston
RADIUS was brain-dead on RADIUS authentication, or something like that.
I believe that it accepted Auth/Acct requests even if the shared secret
was bad. Are you sure the shared secret is correct? Are you sure that
remote.radius.server.com is resolving correctly? Tried using Host <ip
address> instead of Host <hostname>?
Just a few ideas....
James Laszko
TFBnet
james at tfb.com
-----Original Message-----
From: Jared Reimer [mailto:jared at theriver.com]
Sent: Monday, May 14, 2001 1:22 PM
To: Radiator Mail list
Subject: (RADIATOR) Proxy RADIUS config problem w/ RADIATOR (need help)
Hello.
I am evaluating Radiator and thus far, am very impressed. What an
improvement over Livingston RADIUS 2.1 this seems to be!
However, I am having the following problem with Proxy RADIUS. We see a
lot
of this in the third-party RADIUS server's logfiles, but get no valid
replies:
>Wed May 9 15:33:43 2001: requester address mismatch: 63.211.219.163 !=
>216.AAA.BBB.CCC
>Wed May 9 15:33:43 2001: Authenticate: from 216.AAA.BBB.CCC - Security
>Breach: testlogin
(Note that AAA/BBB/CCC were changed.)
Here is the weird part: When I use Livingston RADIUS 2.1 instead of
Radiator [on my end], it works fine! In other words, something about
the
way RADIATOR is talking to the other RADIUS server appears to be
bothering
it. I am using the radpwtst tool to generate test RADIUS auth requests,
if
that matters. Note that the 63.211.219.163 IP address is not even mine
--
I have no idea where that came from!
Any ideas as to what might be causing the above problem?
FWIW, my RADIATOR config looks like this. It's pretty straightforward
<Handler Called-Station-Id=/123456.../>
<AuthBy RADIUS>
Host remote.radius.server.com
Secret shared_secret
IgnoreReplySignature
</AuthBy>
</Handler>
Thanks for any guidance you can provide!
-- Jared
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list