I have a freeradius server running authorizing via LDAP and
authenticating via Kerberos (very nice). We want to have an outside
company (outside our firewall) provide access to our users world wide. I
looked at proxy and didn't see much that I needed to do on my home
server save add the radius server to the clients.conf file.
client 123.183.47.16 {
        secret = remains secret
        shortname = irrelevant
        nastype = other
}
...

When they try to connect on port 1814 I see an error of:
...
Listening on authentication *:1812
Listening on accounting *:1813
Listening on proxy *:1814
...
Nothing to do.  Sleeping until we see a request.
rad_recv: Access-Request packet from host 123.183.47.16:48057, id=151, length=70
Ignoring request from unknown home server 123.183.47.16:48057
--- Walking the entire request list ---
...

Have I inhaled too much laughing gas; shouldn't port 1814 authenticate
similar to 1812? 

The data I got on 1814 was
12:07:48.072071 irrelevant.com.48057 > auth.ds.lanl.gov.1814: udp 70 (DF)
0x0000   4500 0062 0000 4000 2b11 9c3a 0c99 f710        E..b..@.+..:....
0x0010   80a5 2f02 bbb9 0716 004e e902 01a0 0046        ../......N.....F
0x0020   7f11 569d 10f2 ea07 715c 300c 45a4 8349        ..V.....q\0.E..I
0x0030   0108 3038 3534 3037 0212 28c8 6f43 adda        ..085407..(.oC..
0x0040   4aae e3ff 6f9a d262 bf07 0606 0000 0002        J...o..b........
0x0050   0406                                           ..


I think I can use port 1812, but thought that 1814 was designed for just
this situation.
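
Added example, not part of the original post: a small Python decoder for the tcpdump bytes quoted above, showing the RADIUS code, identifier, destination port and attributes, and coping with the capture being cut off at 82 bytes. The names `parse_capture` and `render` are hypothetical, and the code/attribute tables are only the subset of RFC 2865 needed for this packet.

```python
import struct

# Bytes copied from the tcpdump output in the post (IPv4 + UDP + RADIUS).
# tcpdump kept only 82 bytes, so the last attribute is cut off.
CAPTURE_HEX = """
4500 0062 0000 4000 2b11 9c3a 0c99 f710 80a5 2f02 bbb9 0716 004e e902 01a0 0046
7f11 569d 10f2 ea07 715c 300c 45a4 8349 0108 3038 3534 3037 0212 28c8 6f43 adda
4aae e3ff 6f9a d262 bf07 0606 0000 0002 0406
"""
# Subset of RFC 2865 packet codes and attribute types.
CODES = {1: "Access-Request", 2: "Access-Accept", 3: "Access-Reject"}
ATTRS = {1: "User-Name", 2: "User-Password", 4: "NAS-IP-Address", 6: "Service-Type"}

def render(atype, value):
    """Return a printable value; opaque fields are reported by size only."""
    if atype == 1:
        return value.decode("ascii", "replace")
    if atype == 6 and len(value) == 4:
        return struct.unpack("!I", value)[0]
    if atype == 4 and len(value) == 4:
        return ".".join(str(b) for b in value)
    return "<%d bytes>" % len(value)  # e.g. User-Password: never print it

def parse_capture(hex_dump):
    raw = bytes.fromhex("".join(hex_dump.split()))
    ihl = (raw[0] & 0x0F) * 4  # IPv4 header length in bytes
    if len(raw) < ihl + 28 or raw[9] != 17:
        raise ValueError("need IPv4/UDP carrying a full 20-byte RADIUS header")
    sport, dport = struct.unpack("!HH", raw[ihl:ihl + 4])
    radius = raw[ihl + 8:]
    code, ident, length = struct.unpack("!BBH", radius[:4])
    end = min(length, len(radius))  # stop at whichever ends first
    attrs, pos = [], 20  # attributes start after the 16-byte authenticator
    while pos + 2 <= end:
        atype, alen = radius[pos], radius[pos + 1]
        if alen < 2:
            raise ValueError("attribute length below 2 at offset %d" % pos)
        complete = pos + alen <= end
        value = radius[pos + 2:pos + alen]
        attrs.append((ATTRS.get(atype, "type-%d" % atype),
                      render(atype, value) if complete else "<truncated>"))
        pos += alen
    return {"src_port": sport, "dst_port": dport, "code": CODES.get(code, code),
            "id": ident, "declared_len": length, "captured_len": len(radius),
            "attrs": attrs}

if __name__ == "__main__":
    for key, val in parse_capture(CAPTURE_HEX).items():
        print(key, val)
```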


