Hello everyone, I use MAC-authentication and got some problems by using a FreeRADIUS as a proxy to tunnel requests and answers between my switch and my normal FreeRADIUS-server.
When I tested MAC-authentication with my switch and FreeRADIUS-server without anything between it worked fine. The MAC-address has been used as username and cleartext-password. Well, when I set up my FreeRADIUS-proxy and want to use it the following message appears in the radius.log of my FreeRADIUS-proxy: Error: Invalid packet code 1 sent to a proxy port from home server 192.168.1.58 port 1864 - ID 177 : IGNORED The port and the ID vary the port is counted up by every try and the ID well, I dont know. I just want to forward the MAC-address and the cleartext-password to my FreeRADIUS-server. When this data arrives at my FreeRADIUS-server it should be checked and the authentication answer should be sent back to my FreeRADIUS-proxy which forwards it to my switch. I hope that you can help me I just started to work with FreeRADIUS, so Im just a rookie. Heres some data: FreeRADIUS: V 2.0.4 Operating System: Debian Lenny (testing) Kernel: 2.6.25-2-686 Switch: Foundry EdgeIron 2402CF FreeRADIUS-server: 192.168.1.61 FreeRADIUS-proxy: 192.168.1.80 Switch: 192.168.1.58 The following configuration belongs to my FreeRADIUS-server: radiusd.conf listen { type = auth ipaddr = 192.168.1.61 #FreeRADIUS-server IP port = 1812 } [ ] proxy_requests = no clients.conf client 192.168.1.80 { secret = testing123 } The following configuration belongs to my FreeRADIUS-proxy: radiusd.conf listen { type = proxy ipaddr = 192.168.1.80 #FreeRADIUS-proxy IP port = 1812 } proxy.conf proxy server { default_fallback = no } home_server RADIUS_SERVER { type = auth ipaddr = 192.168.1.61 #FreeRADIUS-server IP port = 1812 secret = testing123 [ ] } home_server_pool RADIUS_SERVER_POOL { type = fail-over home_server = RADIUS_SERVER } realm RADIUS_REALM { auth_pool = RADIUS_SERVER_POOL } The following configuration belongs to my switch: RADIUS-Server: 192.168.1.80 #FreeRADIUS-proxy Port: 1812 Key: testing123 So, that should be the way: Switch -> FR-proxy -> FR-server 192.168.1.58 192.168.1.80 192.168.1.61 In advance: Thanks a lot for your help! Best regards from Germany, Raphael Brüngel - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html