[RADIATOR] AuthBy RADIUS and LocalAddress

[Heikki Vatiainen]

On 08/16/2013 02:45 PM, Alexander Hartmaier wrote:

> I've migrated our main Radiator installation to new servers and just
> faced the problem that an AuthBy RADIUS didn't send a packet out
> although a trace 4 showed a "Sending to <IPv4>".
> The Radiator process is bound to some virtual IPs using BindAddress
> which is different from the old installation where it listened on 0.0.0.0.

Hello Alexander,

what do you mean by *virtual* IP address in this case. Is it an alias
address or something else?

Also, is that unpatched or patched 4.11?

> Adding LocalAddress using the non-virtual IPv4 address of the interface
> fixed it. Without that a tcpdump shows no packets on neither of the two
> interfaces.

LocalAddress should default to BindAddress or 0.0.0.0 if LocalAddress is
not set explicitly as on option. It also tries to create a socket for
proxying the requests if no such socket exists already.

> Imho that's a bug because sending Radius requests as a Radius client
> should be decoupled from being a Radius Server.

Do you think you could provide a minimal configuration file that
reproduces the problem you see? We would be interested in taking a
further look at this.

Thanks,
Heikki

-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.