[RADIATOR] Two IP addresses on the same network adapter

Heikki Vatiainen hvn at open.com.au
Mon Oct 1 04:26:51 CDT 2012 

On 10/01/2012 10:09 AM, Remco van Noorloos wrote:

> Since a couple of weeks I’ve implemented both TACACS as regular RADIUS
> services on a Windows server with Radiator. I’ve assigned two IP
> addresses to the network adapter. One is used for RADIUS requests, the
> other for TACACS requests.

I agree with Hugh this is a good idea.

I would add these two lines in the TACACS+ instance configuration if
they are not there already:

AuthPort
AcctPort

That will make sure the TACACS+ radiusd instance will not try to bind to
RADIUS ports.  If you use BindAddress in ServerTACACSPLUS, it should
only affect how binding to TACACS+ port is done.

Thanks,
Heikki


> After I did this I’m seeing strange behavior with RADIUS requests. I’m
> monitoring this for a while now and with RADIUS test requests the one
> moment I get a ‘Access-Accept’ message and a minute later a ‘Socket
> Error Connection reset by peer’ error message. When this last error
> occurs I don’t see anything in the debug log (level 4). I’ve configured
> Radiator to use a specific address using the ‘BindAddress’ command on
> global level. For TACACS authentication I configured the ‘BindAddress’
> in the ServerTACACSPLUS part of the config.
> 
>  
> 
> I’m trying to avoid using an extra server specific for TACACS
> authentication because of waste of resources. Is there something I’m
> missing here?
> 
>  
> 
> Thanks in advance for your answer.
> 
>  
> 
> Best regards,
> 
>  
> 
> PROXSYS
> 
> Remco
> 
>  
> 
> 
> 
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
> 


-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.

More information about the radiator mailing list