>
> Hi,
>
> > Tech calls in and say that he can't get an appliance working in the
> > field.
> > I ask him what secret he's using and the IP address of the appliance. I
> > want to
> > be able to be locally logged onto the radius server and use
> > radtest/radclient/rad????
> > to be able to query radius asking "If I was IP, and I gave you SECRET,
> > would you
> > authorize me?".
> >
> > So I want to be on 1.2.3.4, but say I'm on 3.4.5.6 . Right now, If I
> > say I'm on 3.4.5.6, it still wants the secret for 1.2.3.4 .
>
> you want to spoof the source address? tricky. one 'easy' way to do this would
> be to create a local VPN/GRE tunnel on the linux box under which you could
> emulate a remote link.
>
> configure freeradius to also listen on that virtual address, run the
> radclient with the destination being the end point of the VPN - the
> linux routing tables would then come into play. you'd have to
> reconfigure the VPN end addresses etc each time to emulate an
> outside world link...but it would work.
>
Not worth it. All I'm looking to do is get programatic confirmation
that the ip/secret combination in the field is correct. Since this is an
appliance, not an OS, I don't have access to radtest on the appliance. To
have someone start setting up VPN/GRE/etc is more hassle than its worth.
I just have to tell the tech to RTFD closer. I was just hoping I could
put together a local form on a webserver that could shell out to a script
to make the test.
We'll just have to suffer. :) (Or ask the manufacturer to include
a utility in the "diagnostic" section)
Thanks, Tuc
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
