FWIW, I just tried it again on that same RADIUS server . I changed my DEFAULT entry in my users file from:
DEFAULT Auth-Type := PAM to Simultaneous-Use := 1, Auth-Type := PAM and POOF...for any particular RAS I'd get three valid packets, than a bogus one, then another two or three good ones, then another bogus - just like I saw when I tried this last. The NAS-IP-Address would always be correct, but the Client-IP-Address would be garbage. Oh, and the Acct-Session-Time, -Input-Octets, -Output-Octets, -Input-Packets, and -Output-Packets would all be 0. I turned it off before I did too much damage, so I didn't have time to packet sniff or anything. This was a right around 0.4 CVS version, but the exact date escapes me right now. I can provide complete config files if anyone is interested, but I'm going to try this with the current CVSs first. Oh, and Linux 2.4.9. Chris Kalin ----- Original Message ----- From: "Alan DeKok" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, April 26, 2002 11:32 AM Subject: Re: Client-IP-Address occasionally incorrect > Oleg Derevenetz <[EMAIL PROTECTED]> wrote: > > When I enabled Simultaneous-Use check for some user classes, I've > > got the same problem as Mervyn Jack - invalid packets with fake > > Client-IP-Address. > > That's really weird. The Client-IP-Address is taken from > request->packet->src_ipaddr, which is taken directly from the > recv_from() system call. > > So if the address is wrong, then it sounds to me like the OS is > lying to the server about where the packet came from. > > > Client-IP-Address = 70.114.105.32 [FAKE !] > > Does this address have *any* relation to addresses on your network, > or is it random (and changing) garbage? > > > These packets arrived only when user with Simultaneuos-Use (atuser in this > > case) tried to login and checkrad returned OK (this user already exists on > > NAS). > > I find it *really* bizarre that the NAS is sending fake accounting > records when it's queried via checkrad. > > Have you used 'tcpdump' from another machine, to verify that the > packet is sent on the wire, and isn't some artifact of the server > and/or OS? > > If the packet *is* coming from the NAS, have you asked Ascend/Cisco > for support? > > Alan DeKok. > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html