(RADIATOR) Multiple instances in proxyradius
Hugh Irvine
hugh at open.com.au
Tue Feb 10 15:57:13 CST 2004
Hello Peter -
How nice to hear from you - it must be almost time for me to come and
see you again.
I think what you describe should work just fine, as each instance will
use a different _source_ port number when sending radius requests to
the proxy targets. The proxy targets will reply to the _source_ port
number contained in the request.
I'm happy to come and help with the project if required!
:-)
BTW - the latest version is Radiator 3.8 (plus a few patches).
regards
Hugh
On 11 Feb 2004, at 03:34, Peter Cederstrand wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> - --
> Security:
>
>
> Hi Hugh, Mike and all. Long time no seen ;-)
>
> Multiple instances again but different ;-)
>
> We are doing some rework on the old project you help us with a couple
> of years
> ago.
>
> To ease up the migration of all equipment/new configs and not disturb
> all
> virtual ISPs we are thinking of using a temporary proxyradius
> config-file
> running as multiple instance in the proxyradius.
>
> We are well aware that we need a multiple instance and different
> portnumbers
> for the listening Auth and Acc requests from the NASs. But we can't
> find any
> information in ref-manual nor forum-archive what about the
> transmitting/proxying ports towards the ISPs radiusservers.
>
> Here the request goes out to the ISPs and the proxyradius waits for
> answer. As
> we want not to disturb the ISPs with a temporary use of some new ports
> we
> want to use the same "transmitports" for this secondary instance as
> for the
> first one.
>
> It would in theory be possible for the proxyradius to "know" when the
> answers
> arrives to which instance the answer belongs, because just one of them
> waits
> for an answer with the wright sessionid?
>
> (As you now we run this in a BSDi environment on Compaq DL380s)
>
> Is this OK or do I really have to use new portnumbers here also?
>
>
> The setup with some portnumbers as example:
>
> Auth Req--> <--Auth Reply
> NAS's --------------------ProxyRadius--------------------vISP's
>
> 1st inst
> auth 1647 auth 1812
> acc 1648 acc 1813
>
> 2nd inst
> auth 1643 auth 1812
> acc 1644 acc 1813
>
>
>
>
>
> Regards /Peter
>
> - ------------------------------------------------------------
> Peter Cederstrand
> TietoEnator Telecom & Media
> 84:30, (Rudsjöterassen 5)
> SE-136 82 Haninge, Sweden
> Phone: +46 8 6060324
> Fax:
> Email: peter.cederstrand at tietoenator.com
> Web: http://www.tietoenator.com
> Plattform: Linux 2.4.x / Mandrake 9.0
> OpenOffice / Open GNU all
> - ------------------------------------------------------------
>
> =
> / \ ASCII Ribbon Campaign
> \ /
> x No HTML in email & news
> / \
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.3 (GNU/Linux)
>
> iD8DBQFAKQgVrDAolHTGn+gRAiRnAKDISaPaWs+bz1kc0k17A9ESjHxtIACgwtHk
> qwgkldg6eWQ72VAZhJsUSu4=
> =CVpe
> -----END PGP SIGNATURE-----
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>
NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list