(RADIATOR) proxy depends on UID and src port?
Hugh Irvine
hugh at open.com.au
Tue Apr 5 10:03:35 CDT 2005
Hello Tariq -
What usually happens is the host operating system chooses a source port
number from which to send the proxy request (unless configured
otherwise) and the reply will come back to that port number. There are
cases when this doesn't happen (for various reasons) and in any case
the preferred solution is to use UseExtendedIds as Frank has mentioned
(thanks Frank).
regards
Hugh
On 5 Apr 2005, at 13:09, Tariq Rashid wrote:
>
> hi, sorry to continue from the previous post but here is a more
> specific
> question:
>
> When a radius proxy, such as an appropriately configured radiator,
> forwards
> (proxies) a radius request to a target, the target sees a radius
> request
> from the proxy .. it sees its IP address, the source port, and the UID
> of
> the radius request.
>
> now, when the radius target forms a reply/responce, does it address it
> to
> that source port on the proxy server?
>
> if i run multiple proxies on a server, they will get the correct
> replies if
> 1. they send the proxied requests to the targets from different src
> udp ports
> 2. if the targets actually respond to these src udp ports, and not a
> default like 1645
>
> in people's experience, is the above a reasonable assumption or are
> there
> common cases of radius target servers (not determined, and
> heterogeneous)
> which do not behave correctly/usefully.
>
> tariq
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>
NB: I am travelling this week, so there may be delays in our
correspondence.
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list