Hi radiator team, I've a nasty problem between radiator and radsecproxy. I tried to dump the receiving packets by AuthRADSEC, but no chance. Seems that the PakcetTrace flag does not go transfered to the receiving packet.
Maybe this is a bug? Please see my config snippet. The same is true for Server RADSEC, I never see Incoming packets dumped: Version 4.11, patches from last week applied. > <ServerRADSEC> > Secret radsec > Identifier FROM-DFN-PROXY > PacketTrace > > <Log FILE> > Trace 5 > Filename %L/radsec-debug-logg > LogMicroseconds > </Log> > > AddToRequest Connect-Info=FROM-DFN-PROXY > > UseTLS > TLS_CAFile %D/certificates/dfn-ca-chain.crt > TLS_CertificateFile %D/certificates/radius.uni-ulm.de.crt > TLS_CertificateType PEM > TLS_PrivateKeyFile %D/certificates/radius.uni-ulm.de.key > > </ServerRADSEC> > > <AuthBy RADSEC> > Secret radsec > Identifier TO-DFN-PROXY > PacketTrace > > # not working, still searching for the bug in radsecproxy chain, sigh > # UseStatusServerForFailureDetect > # KeepaliveTimeout 10 > > <Log FILE> > Trace 5 > Filename %L/radsec-debug-logg > LogMicroseconds > </Log> > > # stupid workaround for open problems with upstream proxy > MaxFailedRequests 60 > MaxFailedGraceTime 1 > FailureBackoffTime 0 > NoreplyTimeout 10 > > NoForwardAccounting > > StripFromReply Tunnel-Type, Tunnel-Medium-Type, Tunnel-Private-Group-ID > > LocalAddress 134.60.X.Y > > Host radius1.dfn.de > Host radius2.dfn.de > > UseTLS > TLS_CAFile %D/certificates/dfn-ca-chain.crt > TLS_ExpectedPeerName CN=.*\.dfn\.de > > TLS_CertificateFile %D/certificates/radius.uni-ulm.de.crt > TLS_CertificateType PEM > TLS_PrivateKeyFile %D/certificates/radius.uni-ulm.de.key > > </AuthBy> -- Karl Gaissmaier Universität Ulm/Germany _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
