[RADIATOR] Two IP addresses on the same network adapter
Hugh Irvine
hugh at open.com.au
Mon Oct 1 03:49:09 CDT 2012
Hello Remco -
I would use one instance of Radiator for RADIUS only and another for TACACS only.
Then you only need one IP address and both Radiator configuration files will be much simpler.
regards
Hugh
On 1 Oct 2012, at 17:09, Remco van Noorloos <rvannoorloos at proxsys.nl> wrote:
> Dear all,
>
> Since a couple of weeks I’ve implemented both TACACS as regular RADIUS services on a Windows server with Radiator. I’ve assigned two IP addresses to the network adapter. One is used for RADIUS requests, the other for TACACS requests.
>
> After I did this I’m seeing strange behavior with RADIUS requests. I’m monitoring this for a while now and with RADIUS test requests the one moment I get a ‘Access-Accept’ message and a minute later a ‘Socket Error Connection reset by peer’ error message. When this last error occurs I don’t see anything in the debug log (level 4). I’ve configured Radiator to use a specific address using the ‘BindAddress’ command on global level. For TACACS authentication I configured the ‘BindAddress’ in the ServerTACACSPLUS part of the config.
>
> I’m trying to avoid using an extra server specific for TACACS authentication because of waste of resources. Is there something I’m missing here?
>
> Thanks in advance for your answer.
>
> Best regards,
>
> PROXSYS
> Remco
>
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
--
Hugh Irvine
hugh at open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc.
Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
More information about the radiator
mailing list