Tim,
I did not mean to insult any one, I just sensed a sarcastic response, that I did not deserve. Sorry! Alex -----Original Message----- From: freeradius-users-bounces+alexbahoor=sbcglobal....@lists.freeradius.org [mailto:freeradius-users-bounces+alexbahoor=sbcglobal....@lists.freeradius.o rg] On Behalf Of Tim Sylvester Sent: Saturday, December 05, 2009 4:00 PM To: 'FreeRadius users mailing list' Subject: RE: Config Examples Alex, You are insulting people that are trying to help you, for FREE. Chill out! When you did netstat -a, you probably did something like this: [r...@springy html]# netstat -a Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 *:ldap *:* LISTEN tcp 0 0 *:mysql *:* LISTEN tcp 0 0 *:sunrpc *:* LISTEN tcp 0 0 *:ftp *:* LISTEN tcp 0 0 springy.smartcow.com:ipp *:* LISTEN tcp 0 0 springy.smartcow.com:smtp *:* LISTEN tcp 0 0 *:rndc *:* LISTEN tcp 0 0 *:ldap *:* LISTEN tcp 0 0 *:http *:* LISTEN tcp 0 0 *:ssh *:* LISTEN tcp 0 0 *:https *:* LISTEN tcp 0 132 springy.smartcow.com:ssh sporky.smartcow.com:55457 ESTABLISHED tcp 0 0 springy.smartcow.com:ssh sporky.smartcow.com:64928 ESTABLISHED tcp 0 0 springy.smartcow.com:ssh sporky.smartcow.c:ddi-tcp-5 ESTABLISHED tcp 0 0 springy.smartcow.com:ssh sporky.smartcow.com:64026 ESTABLISHED udp 0 0 *:radius *:* udp 0 0 *:radius-acct *:* If you look carefully at the headings, you will see that *:* is the in "Foreign Address" column. Reading the man page for netstat shows that the Local Address and Foreign address column are: Local Address Address and port number of the local end of the socket. Unless the --numeric (-n) option is specified, the socket address is resolved to its canonical host name (FQDN), and the port number is translated into the corresponding service name. Foreign Address Address and port number of the remote end of the socket. Analogous to "Local Address." Since RADIUS uses UDP and is connectionless, the concept of the remote end of the socket doesn't mean much. If you READ the man page, you can use the netstat -an, which will show port numbers and IP address numbers. You will see something like: [r...@springy html]# netstat -an Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:389 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:953 0.0.0.0:* LISTEN tcp 0 0 :::389 :::* LISTEN tcp 0 0 :::80 :::* LISTEN tcp 0 0 :::22 :::* LISTEN tcp 0 0 :::443 :::* LISTEN tcp 0 0 ::ffff:10.0.0.91:22 ::ffff:10.0.0.242:55457 ESTABLISHED tcp 0 0 ::ffff:10.0.0.91:22 ::ffff:10.0.0.242:64928 ESTABLISHED tcp 0 0 ::ffff:10.0.0.91:22 ::ffff:10.0.0.242:8892 ESTABLISHED tcp 0 0 ::ffff:10.0.0.91:22 ::ffff:10.0.0.242:64026 ESTABLISHED udp 0 0 0.0.0.0:1812 0.0.0.0:* udp 0 0 0.0.0.0:1813 0.0.0.0:* The last two lines are the entries for the RADIUS server listening on port 1812 for authentication requests and on port 1813 for accounting requests. *:* has nothing to do with dynamic ports. Go back and read the information in the configuration files, man pages, web site, and mailing lists. Then if you have some other questions, send you questions to the mailing list in a respectful, grateful manner. Tim Since radius uses UDP the "F > -----Original Message----- > From: freeradius-users- > bounces+tim.sylvester=networkradius....@lists.freeradius.org > [mailto:freeradius-users- > bounces+tim.sylvester=networkradius....@lists.freeradius.org] On Behalf > Of Alex Bahoor > Sent: Saturday, December 05, 2009 2:43 PM > To: 'FreeRadius users mailing list' > Subject: RE: Config Examples > > > You're missing the point. This is how networking works. > > Alex > > -----Original Message----- > From: freeradius-users- > bounces+alexbahoor=sbcglobal....@lists.freeradius.org > [mailto:freeradius-users- > bounces+alexbahoor=sbcglobal....@lists.freeradius.o > rg] On Behalf Of t...@kalik.net > Sent: Saturday, December 05, 2009 2:26 PM > To: FreeRadius users mailing list > Subject: RE: Config Examples > > > This is a fact--the internet would not work if DNS uses dynamic port > to > > listen to? You must understand, all these known port numbers are used > to > > start up client connections > > Ok, let's say you want to use port 1645 for radius authentication. What > do > you do? Go round the shops and see if they have a device with that one? > Or > should you have flexibility ot use 1645 or 1812 as you please? Or > should > 1645 now be banned for use with radius because it confuses you? > > Ivan Kalik > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > > > __________ Information from ESET NOD32 Antivirus, version of virus > signature > database 4663 (20091205) __________ > > The message was checked by ESET NOD32 Antivirus. > > http://www.eset.com > > > > __________ Information from ESET NOD32 Antivirus, version of virus > signature > database 4663 (20091205) __________ > > The message was checked by ESET NOD32 Antivirus. > > http://www.eset.com > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html __________ Information from ESET NOD32 Antivirus, version of virus signature database 4663 (20091205) __________ The message was checked by ESET NOD32 Antivirus. http://www.eset.com __________ Information from ESET NOD32 Antivirus, version of virus signature database 4663 (20091205) __________ The message was checked by ESET NOD32 Antivirus. http://www.eset.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html