We have a pair of Radius servers at Carleton, both part of Novell's old BorderManager product. When pam_radius-1.3.15 finds one too busy (and it times out), it naturally fails over to the other server listed in our /etc/raddb/servers file.
Interestingly, when the second server is contacted, it's finding that our packets are malformed. When the remote server responds, the ma- chine running pam_radius itself sees a bad packet. The machine run- ning pam_radius also sends out an ICMP udp port unreachable message. The machine running pam_radius is a RedHat Linux box (7.3; kernel ver- sion 2.4.18). We're kind of wondering whether the fact that pam_radius uses the same local UDP port for both connections (i.e., connections to both the first and the second Radius server) might be causing the Linux kernel to behave oddly. Note that this conversation (the one between the Linux box running pam_radius) and the Radius servers is being mediated with a firewall that has an application-level proxy. The ICMP message, though, is clearly being issued by the Linux machine after getting a denial from the Radius server. Anyone have any thoughts about what is going on? -- Richard L. Goerwitz III Email: [EMAIL PROTECTED] Phone: +1 507 646 5526 Fax: +1 507 646 4537 PGP key fingerprint: 4471 B6D3 57CC B2DC A0CF 82D3 0B7D EA19 F425 B0E0 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
