[RADIATOR] AuthBy RADIUS and LocalAddress

Heikki Vatiainen hvn at open.com.au
Mon Aug 19 07:22:46 CDT 2013


On 08/16/2013 02:45 PM, Alexander Hartmaier wrote:

> I've migrated our main Radiator installation to new servers and just
> faced the problem that an AuthBy RADIUS didn't send a packet out
> although a trace 4 showed a "Sending to <IPv4>".
> The Radiator process is bound to some virtual IPs using BindAddress
> which is different from the old installation where it listened on 0.0.0.0.

Hello Alexander,

what do you mean by *virtual* IP address in this case. Is it an alias
address or something else?

Also, is that unpatched or patched 4.11?

> Adding LocalAddress using the non-virtual IPv4 address of the interface
> fixed it. Without that a tcpdump shows no packets on neither of the two
> interfaces.

LocalAddress should default to BindAddress or 0.0.0.0 if LocalAddress is
not set explicitly as on option. It also tries to create a socket for
proxying the requests if no such socket exists already.

> Imho that's a bug because sending Radius requests as a Radius client
> should be decoupled from being a Radius Server.

Do you think you could provide a minimal configuration file that
reproduces the problem you see? We would be interested in taking a
further look at this.

Thanks,
Heikki

-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.


More information about the radiator mailing list