*This message was transferred with a trial version of CommuniGate(tm) Pro* thanks... i think it worked....
:-) >I've used IPFW which has similarly formatted rules.. > >Try: > >1st.. allow all from radius to target >2nd.. allow all from target to radius > > > > > -----Original Message----- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On > > Behalf Of Sergio Gonzalez > > Sent: Friday, November 02, 2001 09:29 > > To: [EMAIL PROTECTED] > > Subject: (RADIATOR) Radiator througt Firewall > > > > > > *This message was transferred with a trial version of CommuniGate(tm) Pro* > > Hello there: > > > > > > I been working in an ipchains rule set to allow radius clients to access > > radius server (Radiator) that is behind the FW. > > > > I did this: > > > > allow from any 1024:65535 to radius.server 1645 bidirectional proto udp > > allow from any 1024:65535 to radius.server 1646 bidirectional proto udp > > > > Here I have 2 kinds of RASes. One is a Hiper-ARC based one and > > the other is > > a Patton. The weird thing is patton doesn't send authentication or > > accounting packets above 1024 port, it does from 513 causing users not to > > get connected. So, I tailored that into my rule set like this > > > > allow from any 513 to radius.server 1645 bidirectional proto udp > > allow from any 513 to radius.server 1646 bidirectional proto udp > > > > But, I'm still having problems. When I applied the rule set, the patton > > cease to authenticate users again. > > > > Any body knows what should be the problem?. Is patton using any > > other port > > to connect to Radius server?. Or is radius server using another port > > different from 1645:1646? > > > > Thanks in advance > > > > > > Sergio Alejandro Gonzalez > > Director Operativo > > SkyNet de Colombia. > > Bogota, Colombia, South America. > > 57 (+1) 6 422 020 > > 57 (+3) 7 285 094 > > > > === > > Archive at http://www.open.com.au/archives/radiator/ > > Announcements on [EMAIL PROTECTED] > > To unsubscribe, email '[EMAIL PROTECTED]' with > > 'unsubscribe radiator' in the body of the message. > > Sergio Alejandro Gonzalez Director Operativo SkyNet de Colombia. Bogota, Colombia, South America. 57 (+1) 6 422 020 57 (+3) 7 285 094 === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.