[RADIATOR] PacketTrace for Authby RADSEC does not dump receiving packets
Karl Gaissmaier
karl.gaissmaier at uni-ulm.de
Fri Jul 12 08:07:04 CDT 2013
Hi radiator team,
I've a nasty problem between radiator and radsecproxy. I tried to dump
the receiving packets by AuthRADSEC, but no chance. Seems that the
PakcetTrace flag does not go transfered to the receiving packet.
Maybe this is a bug? Please see my config snippet.
The same is true for Server RADSEC, I never see Incoming packets dumped:
Version 4.11, patches from last week applied.
> <ServerRADSEC>
> Secret radsec
> Identifier FROM-DFN-PROXY
> PacketTrace
>
> <Log FILE>
> Trace 5
> Filename %L/radsec-debug-logg
> LogMicroseconds
> </Log>
>
> AddToRequest Connect-Info=FROM-DFN-PROXY
>
> UseTLS
> TLS_CAFile %D/certificates/dfn-ca-chain.crt
> TLS_CertificateFile %D/certificates/radius.uni-ulm.de.crt
> TLS_CertificateType PEM
> TLS_PrivateKeyFile %D/certificates/radius.uni-ulm.de.key
>
> </ServerRADSEC>
>
> <AuthBy RADSEC>
> Secret radsec
> Identifier TO-DFN-PROXY
> PacketTrace
>
> # not working, still searching for the bug in radsecproxy chain, sigh
> # UseStatusServerForFailureDetect
> # KeepaliveTimeout 10
>
> <Log FILE>
> Trace 5
> Filename %L/radsec-debug-logg
> LogMicroseconds
> </Log>
>
> # stupid workaround for open problems with upstream proxy
> MaxFailedRequests 60
> MaxFailedGraceTime 1
> FailureBackoffTime 0
> NoreplyTimeout 10
>
> NoForwardAccounting
>
> StripFromReply Tunnel-Type, Tunnel-Medium-Type, Tunnel-Private-Group-ID
>
> LocalAddress 134.60.X.Y
>
> Host radius1.dfn.de
> Host radius2.dfn.de
>
> UseTLS
> TLS_CAFile %D/certificates/dfn-ca-chain.crt
> TLS_ExpectedPeerName CN=.*\.dfn\.de
>
> TLS_CertificateFile %D/certificates/radius.uni-ulm.de.crt
> TLS_CertificateType PEM
> TLS_PrivateKeyFile %D/certificates/radius.uni-ulm.de.key
>
> </AuthBy>
--
Karl Gaissmaier
Universität Ulm/Germany
More information about the radiator
mailing list