(RADIATOR) dual IP'd radiator problem

Mike Greene mikeg at rockisland.com
Wed Aug 7 09:06:39 CDT 2002


I searched the archives again and found several references to this 
situation, we simply ran two instances of radiator bound the different IP's 
and this worked fine for the transition period.


At 11:40 AM 8/7/2002 +1000, Hugh Irvine wrote:

>Hello Mike -
>
>Most radius implementations expect the radius reply to come back from the 
>same IP address the initial request was sent to. Quite a few people on 
>this list have had similar problems that were resolved by going back to a 
>single address.
>
>As usual, a copy of the configuration file (no secrets) and a trace 4 
>debug are what is needed to see what is happening. You might also need to 
>look at a tcpdump (or snoop/ethereal/whatever..) to verify the IP headers.
>
>regards
>
>Hugh
>
>
>On Wednesday, August 7, 2002, at 12:27 AM, Mike Greene wrote:
>
>>Hello list,
>>
>>Our radiator server is currently dual IP'd in preparation for a network 
>>renumbering.  We seem to be having trouble getting our 3COM total control 
>>chassis to authenticate to the new IP, our cisco 7206 is also having 
>>trouble as well.
>>
>>The strange thing is that we see in the detail file the accounting 
>>record, and we have the password logging turned on and the users are 
>>passing, yet on the client end we are getting MS error 718 (PPP Timeout), 
>>and on the cisco "LINK proto timeout".
>>
>>Currently the new IP is the secondary IP on the server, and it appears 
>>the accounting records are fine with that setting, but the authorization 
>>part isn't it gets to the end of the negotiation and then fails, it 
>>appears to repeat the process 5 times then finally gives up.
>>
>>Can you dual IP a radiator server and then once all of the RAS devices 
>>are switched over remove the unused IP?  We are using ports 1645/1646.
>>
>>
>>- Mike
>>
>>------------------------------------------------
>>Rock Island Communications, Inc.  (360)-378-5884
>>http://www.rockisland.com/  San Juan Islands, WA
>>------------------------------------------------
>>
>>===
>>Archive at http://www.open.com.au/archives/radiator/
>>Announcements on radiator-announce at open.com.au
>>To unsubscribe, email 'majordomo at open.com.au' with
>>'unsubscribe radiator' in the body of the message.
>>
>--
>Radiator: the most portable, flexible and configurable RADIUS server
>anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
>-
>Nets: internetwork inventory and management - graphical, extensible,
>flexible with hardware, software, platform and database independence.


- Mike

------------------------------------------------
Rock Island Communications, Inc.  (360)-378-5884
http://www.rockisland.com/  San Juan Islands, WA
------------------------------------------------

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list