Re: Firewall Issue
"Leon" <[EMAIL PROTECTED]> wrote: > I was finally able to track down the problem using the debug setting on the > RADIUS server. Apparently, while the server receives requests for > authenication on port 1812 it sends the "accept" message on port 1036. Uh, no. FreeRADIUS doesn't do that. > Anybody know what the story with port 1036? I'll bet that the firewall is doing the port mapping. Use tcpdump to look at the packets sent out by FreeRADIUS, they WILL be sent from port 1812. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Firewall Issue
I was finally able to track down the problem using the debug setting on the RADIUS server. Apparently, while the server receives requests for authenication on port 1812 it sends the "accept" message on port 1036. Once I had my ISP pipe that thru the client worked GREAT!. Anybody know what the story with port 1036? Leon - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Firewall Issue
"Leon" <[EMAIL PROTECTED]> wrote: > Trying to authenicate thru firwalls on client and Server side. I can > authenicate inside the server firewall with out problem. I can authenicate > outside the server firewall from a dialup account. So no firewall there. > When I try to authenicate from inside my client firewall though I get > nothing. RADIUS depends on the client IP. With a firewall, you probably have to list the IP of the firewall. > I have the proper IP's configured in clients.conf. I know this because I get > an "Ignoring request from unknown client" error in the radius log with the > entry out. Ok... if you list that IP in "clients.conf" it should work. > I have tried both Solaris (java) clients and Windows clients. Both get no > response from server and no entries in the server log. If the server prints *nothing* in debugging mode, then it isn't seeing the request. If it does print something, then running it in debugging mode will tell you what went wrong. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
