(RADIATOR) dual IP'd radiator problem
Andy De Petter
adepette at krameria.net
Wed Aug 7 00:34:11 CDT 2002
This problem could be solved, by using 2 addresses, that are in
different subnets (at least for most operating systems).
-Andy
Hugh Irvine wrote:
>
> Hello Mike -
>
> Most radius implementations expect the radius reply to come back from
> the same IP address the initial request was sent to. Quite a few people
> on this list have had similar problems that were resolved by going back
> to a single address.
>
> As usual, a copy of the configuration file (no secrets) and a trace 4
> debug are what is needed to see what is happening. You might also need
> to look at a tcpdump (or snoop/ethereal/whatever..) to verify the IP
> headers.
>
> regards
>
> Hugh
>
>
> On Wednesday, August 7, 2002, at 12:27 AM, Mike Greene wrote:
>
>> Hello list,
>>
>> Our radiator server is currently dual IP'd in preparation for a
>> network renumbering. We seem to be having trouble getting our 3COM
>> total control chassis to authenticate to the new IP, our cisco 7206 is
>> also having trouble as well.
>>
>> The strange thing is that we see in the detail file the accounting
>> record, and we have the password logging turned on and the users are
>> passing, yet on the client end we are getting MS error 718 (PPP
>> Timeout), and on the cisco "LINK proto timeout".
>>
>> Currently the new IP is the secondary IP on the server, and it appears
>> the accounting records are fine with that setting, but the
>> authorization part isn't it gets to the end of the negotiation and
>> then fails, it appears to repeat the process 5 times then finally
>> gives up.
>>
>> Can you dual IP a radiator server and then once all of the RAS devices
>> are switched over remove the unused IP? We are using ports 1645/1646.
>>
>>
>> - Mike
>>
>> ------------------------------------------------
>> Rock Island Communications, Inc. (360)-378-5884
>> http://www.rockisland.com/ San Juan Islands, WA
>> ------------------------------------------------
>>
>> ===
>> Archive at http://www.open.com.au/archives/radiator/
>> Announcements on radiator-announce at open.com.au
>> To unsubscribe, email 'majordomo at open.com.au' with
>> 'unsubscribe radiator' in the body of the message.
>>
>>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
--
Andy De Petter - http://www.techos.be/andy - naql at gunvobk.or (ROT13)
Senior System Engineer - Skynet IT & Network - http://www.skynet.be
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list