On 07/12/2013 06:46 PM, Michael wrote: > also, Change-Filter-Request-NAKed would also need to be in that list.
Hello Michael, I tested with this setup: radpwtst -> R1 -> R2 where R1 is a simple proxy Radiator and R2 is Radiator that replies with Change-Filter-NAKed or Disconnect-Request-NAKed. It also adds Error-Cause and Reply-Message to the responses. This is done with AuthBy INTERNAL. R1 config is simply this: <Client DEFAULT> Secret mysecret </Client> <Handler> <AuthBy RADIUS> Secret mysecret Host 127.0.0.1 AuthPort 1812 AcctPort 1813 </AuthBy> </Handler> With the above setup the NAKed responses were proxied back to radpwtst correctly. Also the ACKed responses were proxied fine. R1 logs the message from R2 like this: DEBUG: Packet dump: *** Received from 127.0.0.1 port 1812 .... Code: Disconnect-Request-NAKed Identifier: 1 Authentic: C<235><235>T<17><153>RG<130><221><213><213><27><223>"<184> Attributes: Reply-Message = "No Matching Session" Error-Cause = Session-Context-Not-Found INFO: Disconnect-Request rejected: No Matching Session DEBUG: Packet dump: *** Sending to 127.0.0.1 port 44624 .... Code: Disconnect-Request-NAKed Identifier: 90 Authentic: ZNg<23>3<165>a<23>'<222><235><201><189><155><14> Attributes: Reply-Message = "No Matching Session" Error-Cause = Session-Context-Not-Found The INFO line is logged by Handler which forwards the request back to radpwtst even if the request type was not added the the ACCEPTed request types. I wonder if you have a (very) old Radiator or more likely, a configuration that causes NAKed messages to be rejected. Thanks, Heikki -- Heikki Vatiainen <h...@open.com.au> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator