(RADIATOR) Reverse Proxy POD
Rabbie Zalaf
ZalafR at Leadingedgegroup.com.au
Mon Dec 15 17:33:22 CST 2003
Hi All.
I am trying to set up a reverse RADIUS proxy to do POD to our LNS.
If I send the Disconnect-Request directly to the LNS it works fine..
Eg:
radpwtst -trace 4 -acct_port 1234 -secret xxxxxxx -s xxx.xxx.xxx.xxx -noauth
-noacct -code Disconnect-Request -dictionary /etc/radiator/dictionary
"User-Name=DISCONNECTME"
However, if send the request to the localhost so it gets proxies, it comes
back as INVALID AUTHENTICATOR...
Tue Dec 16 10:15:47 2003: DEBUG: Packet dump:
*** Sending to xxx.xxx.xxx.xxx port 1234 ....
Code: Disconnect-Request
Identifier: 1
Authentic: <127><191>b<215><215><135><143><217>Y<220><227><30><130>E>Z
Attributes:
User-Name = "DISCONNECTME"
Tue Dec 16 10:15:47 2003: DEBUG: Packet dump:
*** Received from xxx.xxx.xxx.xxx port 1234 ....
Code: Disconnect-Request-NAKed
Identifier: 1
Authentic: Y<216><128>+',<141><174>6$<132><201>P<230>L9
Attributes:
Reply-Message = "Invalid Authenticator"
Here is the config for my proxy.
#Foreground
#LogStdout
LogDir /var/log/radius
DbDir /etc/radiator
# ServerId is defined on command line
PidFile %L/%{GlobalVar:ServerId}.pid
LogFile %L/%{GlobalVar:ServerId}/logfile-%Y-%m-%d
Trace 4
BindAddress xxx.xxx.xxx.xxx
AuthPort 1815
AcctPort
# Use a low trace level in production systems. Increase
# it to 4 or 5 for debugging, or use the -trace flag to radiusd
<ClientListSQL>
DBSource dbi:mysql:radius
DBUsername username
DBAuth password
</Client>
<Handler>
<AuthBy RADIUS>
Host 1.2.3.4
AuthPort 1234
Secret somesecret
</AuthBy>
</Handler>
Any help would be greately appreciated.
Rabbie Zalaf
Network Consultant
Leading Edge Internet
02 9497 4024
http://www.leadingedgeinternet.net.au
<http://www.leadingedgeinternet.net.au>
-----BEGIN GEEK CODE BLOCK-----
VERSION: 3.1
GIT d++ s:>s-:- a22 C++++ L U+++
P+ L+++>$L+++++ E--- W+++ w-- M--
t+++ G++
-----END GEEK CODE BLOCK-----
This document together with any attachments is confidential and is intended
for the named recipient only. It can not be copied, disclosed, passed on or
duplicated in any way shape or form, without the prior permission of the
author. If you are not the intended recipient please contact the author
immediately and destroy the message. All parties acknowledge that any breach
of confidence or disclosures made by any party, (including their employees,
agents and contracted service providers such as solicitors, accountants,
auditors and others), which may result in a commercial loss to Leading Edge
Group, may result in Leading Edge Group exercising such rights as are
available to them in connection with that loss.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20031216/f5e8061a/attachment.html>
More information about the radiator
mailing list