El mar, 26-09-2006 a las 10:00 +0200, Sebastien Cantos escribió:
I've you seen my post or are you just ignoring it ? :)
I've seen your post. I already know I could reconfigure routes.
--
Angel L. Mateo Martínez
Sección de Telemática
Área de Tecnologías de la Información _o)
y
On Tue 26 Sep 2006 22:03, Alan DeKok wrote:
Phil Mayers [EMAIL PROTECTED] wrote:
All IP protocol servers should offer each type of socket a configurable
bind address (or list of such). That is quite aside from the specifics
of this issue - that is, it solves other, much much harder to solve
El lun, 25-09-2006 a las 22:54 +0300, Peter Nixon escribió:
I had this problem previously with FreeRADIUS where radius had to reply from
the inside interface of a multihomed server else the packets would not match
the IPSec tunnel ACLs bound to the external interface (A common config) I
Peter Nixon wrote:
On Mon 25 Sep 2006 19:05, Nicolas Baradakis wrote:
That has nothing to do with FreeRADIUS. The source address of an
outgoing UDP packet is chosen by the kernel according to the local
network configuration.
I had this problem previously with FreeRADIUS where radius had
On Tue 26 Sep 2006 11:55, Nicolas Baradakis wrote:
Peter Nixon wrote:
On Mon 25 Sep 2006 19:05, Nicolas Baradakis wrote:
That has nothing to do with FreeRADIUS. The source address of an
outgoing UDP packet is chosen by the kernel according to the local
network configuration.
I had
Peter Nixon wrote:
On Tue 26 Sep 2006 11:55, Nicolas Baradakis wrote:
However, a proxy request is different, because it's a new outgoing
packet. In this case, we don't force the source IP in FreeRADIUS and
we shouldn't do so because the NAS and the realm server are possibly
on a
I've you seen my post or are you just ignoring it ? :)
-Message d'origine-
De : [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
De la part de Angel L. Mateo
Envoyé : mardi 26 septembre 2006 08:34
À : freeradius-users@lists.freeradius.org
Objet : Re: Source IP address for proxy requests
El
Nicolas Baradakis wrote:
Yes you are correct. Abviously I didn't read the thread in enough
depth. It does bring up the issue that we maybe should have an optional
proxy_source_ip config option..
All IP protocol servers should offer each type of socket a configurable
bind address (or list of
Phil Mayers [EMAIL PROTECTED] wrote:
All IP protocol servers should offer each type of socket a configurable
bind address (or list of such). That is quite aside from the specifics
of this issue - that is, it solves other, much much harder to solve
problems than just this issue, and is
Angel L. Mateo wrote:
Freeradius is working fine with this configuration, except the proxy
module. The problema I have is that proxy requests are originated with
the IP address of the member, not the IP of the cluster. And I haven't
found any configuration option to configure this. Is
On the active server (the one that have 192.168.1.1) you have to delete the
route that route packets through 192.168.1.2 for subnet 192.168.1.1/24 and
make sure there's a route through 192.168.1.1 for subnet 192.168.1.1/24.
This way, all connexion initiate from this box will have source address
El lun, 25-09-2006 a las 14:46 +0200, Nicolas Baradakis escribió:
Angel L. Mateo wrote:
Freeradius is working fine with this configuration, except the proxy
module. The problema I have is that proxy requests are originated with
the IP address of the member, not the IP of the cluster.
Angel L. Mateo [EMAIL PROTECTED] wrote:
I note RADIUS packets are using UDP, which means they're connectionless.
I think you don't want a machine from the cluster send a proxy request,
and a different machine get the proxy reply. This wouldn't work.
This is an impossible situation,
Angel L. Mateo wrote:
El lun, 25-09-2006 a las 14:46 +0200, Nicolas Baradakis escribió:
Angel L. Mateo wrote:
Freeradius is working fine with this configuration, except the proxy
module. The problema I have is that proxy requests are originated with
the IP address of the member,
This is an impossible situation, because I have an active/standby
configuration of the cluster. Just one node is running the IP and the
server. The other node is just a backup one (in a normal environment).
I was confused because you didn't mention it was an active/backup
setup.
On Mon 25 Sep 2006 19:05, Nicolas Baradakis wrote:
Angel L. Mateo wrote:
El lun, 25-09-2006 a las 14:46 +0200, Nicolas Baradakis escribió:
Angel L. Mateo wrote:
Freeradius is working fine with this configuration, except the
proxy
module. The problema I have is that proxy
16 matches
Mail list logo