> From: Gary McKinney
> Sent: Friday, 25 June 2004 3:13 AM
>
> Brian,
>
> That is the correct way for operation!
>
> Radius "Listens" on Ports 1812 and 1813 ( for authentication and accounting
> respectively) BUT responds back to the NAS on the first non-privileged port
> the system has available for use.... this is normal RFC operation in TCP/IP
> communications for services - don't believe it? Perform an FTP or Telnet or
> HTTP operation and watch the traffic with a network sniffer - they do the
> same thing [grin]...

Wha?? No it doesn't. FTP opens a _second_ connection for data, but telnet and HTTP both use the existing TCP connection for data back to the client.

And an IP connection is defined by five things: (local address, local port, remote address, remote port, and protocol (TCP)) These things do _not_ change over the life of a connection.

Anyway, isn't radius UDP? :-) UDP sockets don't have to care what the remote address and port are, but they still maintain an address and port of their own... And data sent through that socket will come out of that address and port.

I expect Alan's right, and there's something in the network translating ports after it leaves FreeRADIUS's socket... local NAT firewall, maybe, that maps the response to an unused port?

-- 
Paul "TBBle" Hampson
Bubblesworth Pty Ltd (ABN: 51 095 284 361)
[EMAIL PROTECTED]

On a sidewalk near Portland State University someone wrote `Trust Jesus', and someone else wrote `But Cut the Cards'.
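
Added example, not part of the original thread: a loopback check of the point above that a datagram sent through a bound UDP socket leaves from that socket's own address and port, next to the source check a client can apply to replies. The OS-assigned ports (standing in for 1812), the payloads and the function names are constructed for illustration.

```python
import socket

LOOPBACK = "127.0.0.1"


def bound_udp_socket():
    """Create a UDP socket bound to a free loopback port (assumption: stands in for 1812)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.bind((LOOPBACK, 0))  # port 0 lets the OS pick a free port
    s.settimeout(2.0)
    return s


def reply_matches_request(sent_to, received_from):
    """Client-side check: accept a reply only from the (address, port) the request went to."""
    return sent_to == received_from


def observe_reply_sources():
    """Return (server address, source of reply sent via the listening socket,
    source of a reply sent via a different socket)."""
    server, other, client = bound_udp_socket(), bound_udp_socket(), bound_udp_socket()
    try:
        server_addr = server.getsockname()
        client.sendto(b"constructed-request", server_addr)
        _, peer = server.recvfrom(4096)

        # Reply through the socket that received the request.
        server.sendto(b"reply-via-listening-socket", peer)
        _, same_socket_src = client.recvfrom(4096)

        # Reply through a different socket: the source port differs, which is
        # what the client would also see if a device on the path rewrote it.
        other.sendto(b"reply-via-other-socket", peer)
        _, other_socket_src = client.recvfrom(4096)
        return server_addr, same_socket_src, other_socket_src
    finally:
        for s in (server, other, client):
            s.close()


if __name__ == "__main__":
    listen, same_src, other_src = observe_reply_sources()
    print("listening on      ", listen)
    print("reply (same sock) ", same_src, reply_matches_request(listen, same_src))
    print("reply (other sock)", other_src, reply_matches_request(listen, other_src))
```

Comparing the listening address with the source seen on the client side in a packet capture is the same test applied to a live deployment: a mismatch points at a second sending socket or a translating device on the path.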