Hi Heikki, Where should I add the 'AuthPort' and 'AcctPort' attributes? In the ServerTACACSPLUS-clause?
Remco -----Oorspronkelijk bericht----- Van: [email protected] [mailto:[email protected]] Namens Heikki Vatiainen Verzonden: maandag 1 oktober 2012 11:27 Aan: [email protected] Onderwerp: Re: [RADIATOR] Two IP addresses on the same network adapter On 10/01/2012 10:09 AM, Remco van Noorloos wrote: > Since a couple of weeks I've implemented both TACACS as regular RADIUS > services on a Windows server with Radiator. I've assigned two IP > addresses to the network adapter. One is used for RADIUS requests, the > other for TACACS requests. I agree with Hugh this is a good idea. I would add these two lines in the TACACS+ instance configuration if they are not there already: AuthPort AcctPort That will make sure the TACACS+ radiusd instance will not try to bind to RADIUS ports. If you use BindAddress in ServerTACACSPLUS, it should only affect how binding to TACACS+ port is done. Thanks, Heikki > After I did this I'm seeing strange behavior with RADIUS requests. I'm > monitoring this for a while now and with RADIUS test requests the one > moment I get a 'Access-Accept' message and a minute later a 'Socket > Error Connection reset by peer' error message. When this last error > occurs I don't see anything in the debug log (level 4). I've > configured Radiator to use a specific address using the 'BindAddress' > command on global level. For TACACS authentication I configured the > 'BindAddress' > in the ServerTACACSPLUS part of the config. > > > > I'm trying to avoid using an extra server specific for TACACS > authentication because of waste of resources. Is there something I'm > missing here? > > > > Thanks in advance for your answer. > > > > Best regards, > > > > PROXSYS > > Remco > > > > > > _______________________________________________ > radiator mailing list > [email protected] > http://www.open.com.au/mailman/listinfo/radiator > -- Heikki Vatiainen <[email protected]> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
