Oleg Derevenetz <[EMAIL PROTECTED]> wrote: > When I enabled Simultaneous-Use check for some user classes, I've > got the same problem as Mervyn Jack - invalid packets with fake > Client-IP-Address.
That's really weird. The Client-IP-Address is taken from request->packet->src_ipaddr, which is taken directly from the recv_from() system call. So if the address is wrong, then it sounds to me like the OS is lying to the server about where the packet came from. > Client-IP-Address = 70.114.105.32 [FAKE !] Does this address have *any* relation to addresses on your network, or is it random (and changing) garbage? > These packets arrived only when user with Simultaneuos-Use (atuser in this > case) tried to login and checkrad returned OK (this user already exists on > NAS). I find it *really* bizarre that the NAS is sending fake accounting records when it's queried via checkrad. Have you used 'tcpdump' from another machine, to verify that the packet is sent on the wire, and isn't some artifact of the server and/or OS? If the packet *is* coming from the NAS, have you asked Ascend/Cisco for support? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html