What is failing? Is FreeRadius ignoring the response packets or do they not arrive?
----- Original Message ----- From: "Brian Andrus" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, June 25, 2004 8:00 AM Subject: RE: Replies on port 1029 > Well it is very odd to me. The proxy requests to me from another freeradius > are failing because the response is being sent back on a different port than > they were sent on. > > > > All The Best, > > Brian Andrus > Millenia Internet Services, Inc. > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Paul > Hampson > Sent: Thursday, June 24, 2004 9:52 PM > To: [EMAIL PROTECTED] > Subject: RE: Replies on port 1029 > > > From: Gary McKinney > > Sent: Friday, 25 June 2004 3:13 AM > > > Brian, > > > > That is the correct way for operation! > > > > Radius "Listens" on Ports 1812 and 1813 ( for authentication and > > accounting respectively) BUT responds back to the NAS on the first > > non-priviledged port the system has available for use.... this is > > normal RFC operation in TCP/IP communications for services - don't > > believe it? Perform an FTP or Telnet or HTTP operation and watch the > > traffic with a network sniffer > > - they do the same thing [grin]... > > Wha?? No it doesn't. > > FTP opens a _second_ connection for data, but telnet and HTTP both use the > existing TCP connection for data back to the client. And an IP connection is > defiened by five things: > (local address, local port, remote address, remote port, and protocol (TCP)) > These things do _not_ change over the life of a connection. > > Anyway, isn't radius UDP? :-) UDP sockets don't have to care what the remote > address and port are, but they still maintain an address and port of their > own... And data sent through that socket will come out of that address and > port. > > I expect Alan's right, and there's something in the network translating > ports after it leaves FreeRADIUS's socket... local NAT firewall, maybe, that > maps the response to an unused port? > > -- > Paul "TBBle" Hampson > Bubblesworth Pty Ltd (ABN: 51 095 284 361) [EMAIL PROTECTED] > > On a sidewalk near Portland State > University someone wrote `Trust Jesus', and someone else wrote `But Cut the > Cards'. > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
