Jason Rohm wrote: > In many cases I don't control the firewall, so I have to account for this. > Additionally, not putting a reasonable lifetime limit on TCP connections > opens you up to NAT-based DoS attacks.
Yes. >> When FreeRADIUS acts as client (i.e. proxy to home server), it will >> send watchdog packets. > > Is this default, or do I need to configure it? If it is default, it > doesn't seem to be working in my configuration. It *should* work. It's a bit of a mystery why it doesn't. It should be fixed before 3.0 is released. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html