(RADIATOR) Multiple instances in proxyradius

Hugh Irvine hugh at open.com.au
Tue Feb 10 15:57:13 CST 2004


Hello Peter -

How nice to hear from you - it must be almost time for me to come and 
see you again.

I think what you describe should work just fine, as each instance will 
use a different _source_ port number when sending radius requests to 
the proxy targets. The proxy targets will reply to the _source_ port 
number contained in the request.

I'm happy to come and help with the project if required!

:-)

BTW - the latest version is Radiator 3.8 (plus a few patches).

regards

Hugh


On 11 Feb 2004, at 03:34, Peter Cederstrand wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> - --
>    Security:
>
>
> Hi Hugh, Mike and all. Long time no seen ;-)
>
> Multiple instances again but different ;-)
>
> We are doing some rework on the old project you help us with a couple 
> of years
> ago.
>
> To ease up the migration of all equipment/new configs and not disturb 
> all
> virtual ISPs we are thinking of using a temporary proxyradius 
> config-file
> running as multiple instance in the proxyradius.
>
> We are well aware that we need a multiple instance and different 
> portnumbers
> for the listening Auth and Acc requests from the NASs. But we can't 
> find any
> information in ref-manual nor forum-archive what about the
> transmitting/proxying ports towards the ISPs radiusservers.
>
> Here the request goes out to the ISPs and the proxyradius waits for 
> answer. As
> we want not to disturb the ISPs with a temporary use of some new ports 
> we
> want to use the same "transmitports" for this secondary instance as 
> for the
> first one.
>
> It would in theory be possible for the proxyradius to "know" when the 
> answers
> arrives to which instance the answer belongs, because just one of them 
> waits
> for an answer with the wright sessionid?
>
> (As you now we run this in a BSDi environment on Compaq DL380s)
>
> Is this OK or do I really have to use new portnumbers here also?
>
>
> The setup with some portnumbers as example:
>
>                  Auth Req-->                            <--Auth Reply
>    NAS's --------------------ProxyRadius--------------------vISP's
>
>   1st inst
>               auth 1647                               auth 1812
>               acc  1648                               acc  1813
>
>   2nd inst
>                auth 1643                              auth 1812
>                acc  1644                              acc  1813
>
>
>
>
>
>    Regards /Peter
>
> - ------------------------------------------------------------
>  Peter Cederstrand
>  TietoEnator Telecom & Media
>  84:30, (Rudsjöterassen 5)
>  SE-136 82 Haninge, Sweden
>  Phone: +46 8 6060324
>  Fax:	
>  Email:	peter.cederstrand at tietoenator.com
>  Web:	http://www.tietoenator.com
>  Plattform: Linux 2.4.x / Mandrake 9.0
>               OpenOffice / Open GNU all
> - ------------------------------------------------------------
>
>    =
>   / \   ASCII Ribbon Campaign
>   \ /
>    x   No HTML in email & news
>   / \
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.3 (GNU/Linux)
>
> iD8DBQFAKQgVrDAolHTGn+gRAiRnAKDISaPaWs+bz1kc0k17A9ESjHxtIACgwtHk
> qwgkldg6eWQ72VAZhJsUSu4=
> =CVpe
> -----END PGP SIGNATURE-----
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list