Raimund Sacherer wrote:
Here is a more detailed description of our scenario
[...]
Thanks, it's a lot easier to undestand now.
For a Proxy Packet the Packet-src_ipaddr is empty.
It's the normal behaviour. The RADIUS server doesn't have knowledge
about the network routes so it's the kernel
Nicolas Baradakis [EMAIL PROTECTED] wrote:
Now you gave us all the details about the problem in your setup, I'm
thinking of a different approach: perhaps it could be easier to add a
source NAT rule on the firewall rather than hacking the source IP
inside radiusd. Did you try this ?
That
Hi Nicolas, Thomas!
Here is a more detailed description of our scenario:
+--+
+---+ | NAS/Roaming | (NAS/Roaming Partner may not be
| 1 | | RadiusServer | part of our Network and can have their
+---+ +--+ own
Raimund Sacherer [EMAIL PROTECTED] wrote:
My previously posted patch adds configuration items for the proxy.conf
config file where you can define the ip_addr which should be used for
each Realm.
I would be glad if someone can confirm this as problem and my patch as
the right solution ;-)
Hi Raimund,
Nicolas and I did some test on proxy forwarding , we use this model :
CLIENT 172.16.69.1
|
vlan 69
|
Raimund Sacherer [EMAIL PROTECTED] wrote:
There where two problems with proxying, first, i listen to 2 ip
addresses, if those where on different interfaces (eth0/eth1) it is not
working, the problem is, the packet is sent to the roamingpartner, but
the response is not recognized by freeradius
Here is our Scenario which is working now:
Some Partners depend on an IPSec tunnel.
+--+
| Our |
| RadiusServer |
+--+
| |
7 matches
Mail list logo