Re: Binding to multiple ip's

2002-03-12 Thread Aaron Theodore
what about run 3 copies of radius on the server... so you would have: radius 1 listens on first interface, radius 2 listens on second interface, radius 3 listens on loopback. thus radius 3 would be main radiusd while other 2 would act as radius proxies. probably not the most elegant way of doing it

config help

2002-03-12 Thread tywe
Hello, I hate to be an idiot, but this is my first time setting up a radius server and I can't seem to find much documentation to help me. The mailing list archive not being searchable doesn't help much either :) Anyhow, I need to setup a radius server that authenticates requests for using a new

RE: Binding to multiple ip's

2002-03-12 Thread lance
On Tue, 12 Mar 2002 [EMAIL PROTECTED] wrote: > we've had similar problems with completely other systems (I mean nothing > related with radius but the source IP was important as well). > It seems not so easy to force the traffic leaving a unix-like machine on the > "right" (logical) subinterface.

Re: Binding to multiple ip's

2002-03-12 Thread lance
On Tue, 12 Mar 2002, Aaron Theodore wrote: > what about run 3 copies of radius on the server... > > so you would have > radius 1 listens on first interface > radius 2 listens on second interface > radius 3 listens on loopback > That's what I have done - but it shouldn't be necessary. Why do y

Re: Binding to multiple ip's

2002-03-12 Thread Eduardo Roldan
On Mon, 2002-03-11 at 22:39, lance wrote: > > I need to have radius bound to two ip's on a server, one for an internal > network and one for external, but run up against a problem. > > With bind_address * , if a request comes in on the 2nd ip, freeradius > sends the response out of the 1st ip,

Re: Binding to multiple ip's

2002-03-12 Thread lance
On 12 Mar 2002, Eduardo Roldan wrote: > On Mon, 2002-03-11 at 22:39, lance wrote: > > > > I need to have radius bound to two ip's on a server, one for an internal > > network and one for external, but run up against a problem. > > > > With bind_address * , if a request comes in on the 2nd ip,

Re: Binding to multiple ip's

2002-03-12 Thread Chris Parker
At 01:39 AM 3/12/2002 +, lance wrote: >I need to have radius bound to two ip's on a server, one for an internal >network and one for external, but run up against a problem. > >With bind_address * , if a request comes in on the 2nd ip, freeradius >sends the response out of the 1st ip, eg :- A

Re: rlm_attr_filter + Ascend-Data-Filter

2002-03-12 Thread Chris Parker
At 06:20 PM 3/11/2002 -0700, Charlie Watts wrote: >On Mon, 11 Mar 2002, Chris Parker wrote: > > At 10:18 AM 3/11/2002 -0700, Charlie Watts wrote: > > > > Hmmm, perhaps try using the += operator there. > >I don't get them back at all when I use +=. And looking at the docs & >source, += doesn't seem

Re: config help

2002-03-12 Thread Alan DeKok
"tywe" <[EMAIL PROTECTED]> wrote: > I hate to be an idiot, but this is my first time setting up a radius server > and I can't seem to find much documentation to help me. The mailing list > archive not being searchable doesn't help much either :) They are searchable, just not from where you expe

Re: Binding to multiple ip's

2002-03-12 Thread Alan DeKok
lance <[EMAIL PROTECTED]> wrote: > With bind_address * , if a request comes in on the 2nd ip, freeradius > sends the response out of the 1st ip, eg :- No. The *operating system* sends the request out the first IP. 'bind_address = *' means that you don't care where the requests are sent to

Re: Binding to multiple ip's

2002-03-12 Thread Alan DeKok
Chris Parker <[EMAIL PROTECTED]> wrote: > Are you running the latest CVS version? This was fixed since 0.4, so > that replies are sent back out with the source ip being the ip on which > it was received. Not when using 'bind_address = *'. There is no way to tell *which* IP the request was r

Best platform for FreeRadius

2002-03-12 Thread Marcos Prudente
Dear Sirs, I'm testing some Radius Accounting, Auth and RAS servers for dial-up connections, and a choice is FreeRadius. I want to know if you can help me answering some questions: - what's the most stable platform (OS) to run Freeradius? - Is there anybody runn

Re: Best platform for FreeRadius

2002-03-12 Thread Alan DeKok
"Marcos Prudente" <[EMAIL PROTECTED]> wrote: > - what's the most stable platform (OS) to run Freeradius? It's probably used the most on Linux, but it's also stable on other platforms. > - Is there anybody running it with Solaris (Sparc) or OpenBSD > (x86)? Yes, Solaris. I'm no

RE: rlm_attr_filter + Ascend-Data-Filter

2002-03-12 Thread Edgard Castro
Hi, I have "similar" settings that are definitely working, here they are: Ascend-Client-Primary-DNS = "x.x.x.x", Ascend-Client-Secondary-DNS = "x.x.x.x", Ascend-Data-Filter = "ip in forward dstip x.x.x.x/24", Ascend-Data-Filter = "ip in drop", Ascend-Data-Filter = "ip out forward", X-Ascend-Clie

Re: Best platform for FreeRadius

2002-03-12 Thread IH - Net Admin
6 years with Cistron and now Freeradius on Unix/Linux with everything from a 486 to a PIII 450 to AMD 1.4 absolutely no crashes or downtime. We've migrated all our radius servers back to Pentium 233's (lowest we could get new) and RAID mirrored 5400 IDE drives to cut down on heat. Performance

RE: Can we import UNIX account data to a Radius server?

2002-03-12 Thread Normand Dionne
I think I see now why our system office is recommending a Radius server. It is their intention to provide a copy of the names and passwords, updating them every few hours, for the students located at our campus. What that means is we will not be authenticating NT or 2000 PCs via a Unix box, per

RE: rlm_attr_filter + Ascend-Data-Filter

2002-03-12 Thread Charlie Watts
On Tue, 12 Mar 2002, Edgard Castro wrote: > I have "similar" settings that are definitely working, here they are: > > Ascend-Client-Primary-DNS = "x.x.x.x", > Ascend-Client-Secondary-DNS = "x.x.x.x", > Ascend-Data-Filter = "ip in forward dstip x.x.x.x/24", > Ascend-Data-Filter = "ip in drop", > A

Re: Can we import UNIX account data to a Radius server?

2002-03-12 Thread Alan DeKok
Normand Dionne <[EMAIL PROTECTED]> wrote: > What that means is we will not be authenticating NT or 2000 PCs via a Unix > box, per se. We will make the requests to the Radius server with a reduced > copy of the Unix password file on it. If the NT and 2000 machines can do authentication via RAD

Re: Best platform for FreeRadius

2002-03-12 Thread Mike Cathey
I'm running it on a dual processor (UltraSPARC II 450 - 4Mb cache) e450 running Solaris 7. Other than the race condition that causes it to stop answering requests (v0.4) it seems very happy. I'm using Lucent/Ascend gear...so I can't comment on 3Com RASs. Cheers, Mike Alan DeKok wrote: > "M

Re: Best platform for FreeRadius

2002-03-12 Thread Chris Parker
At 01:44 PM 3/12/2002 -0500, Mike Cathey wrote: >I'm running it on a dual processor (UltraSPARC II 450 - 4Mb cache) e450 >running Solaris 7. Other than the race condition that causes it to stop >answering requests (v0.4) it seems very happy. Running here on similar dual proc US-II platforms.

RE: Best platform for FreeRadius

2002-03-12 Thread Edgard Castro
Hello, As an input, we are currently running FreeRADIUS in a Linux environment without major problems. We had just a couple of issues with SQL accounting (back to flat-text logging). Everything else (we use pam and ldap authentication) is just fine! Two P3 1Ghz servers for something around 400k u

Re: Best platform for FreeRadius

2002-03-12 Thread Roy Hooper
I am currently running FreeRadius 0.4 on both Solaris x86 2.6 on a dual-processor Xeon machine, and FreeBSD 4.3 on a single processor P3 machine. FreeBSD is marginally more stable. That is to say that Solaris has hung once, whereas FreeBSD has never hung... I suspect that Solaris would have hung

Re: Can we import UNIX account data to a Radius server?

2002-03-12 Thread Stephan von Krawczynski
On Tue, 12 Mar 2002 13:05:54 -0500 "Alan DeKok" <[EMAIL PROTECTED]> wrote: > Normand Dionne <[EMAIL PROTECTED]> wrote: > > What that means is we will not be authenticating NT or 2000 PCs via a Unix > > box, per se. We will make the requests to the Radius server with a reduced > > copy of the Un

Re: Binding to multiple ip's

2002-03-12 Thread lance
On Tue, 12 Mar 2002, Alan DeKok wrote: > lance <[EMAIL PROTECTED]> wrote: > > Also - is it a bug or a feature that unless debug_level is set to 0 in > > radiusd.conf all logging stops ??? > > You shouldn't be playing with 'debug_level' in a live server, unless > something's seriously wrong.

Re: Binding to multiple ip's

2002-03-12 Thread lance
On Tue, 12 Mar 2002, Alan DeKok wrote: > Chris Parker <[EMAIL PROTECTED]> wrote: > > Are you running the latest CVS version? This was fixed since 0.4, so > > that replies are sent back out with the source ip being the ip on which > > it was received. > > Not when using 'bind_address = *'. >

Re: Binding to multiple ip's

2002-03-12 Thread Alan DeKok
lance <[EMAIL PROTECTED]> wrote: > Ahh - so 'bind_address = *' is useless for Radius unless you only have a > single ip on the machine ;) No, it's useful for multiple IP's, just so long as you don't have multiple IP aliases on the same interface. I will probably add an Apache-style 'listen'

RE: Best platform for FreeRadius

2002-03-12 Thread Scott Pell
Throwing in my 2 cents...we are running 0.4 on 2 FreeBSD boxes and have had absolutely no trouble. One is a Ghz Athlon and the other is a 500Mhz Celeron, each with 256 mb of ram, they handle a reasonable number of requests...and barely break .5% of utilization under normal load. We did a test fi

Re: Auto-dropping on Attribute 0?

2002-03-12 Thread Alan DeKok
Rens Houben <[EMAIL PROTECTED]> wrote: > A closer look at the log files revealed the following repeated error > message: > > Mon Mar 11 20:36:54 2002 : Error: WARNING: Malformed RADIUS packet from > host aaa.bbb.ccc.ddd: Invalid attribute 0 Yup. You've received a bad packet. The RADIUS clien

Re: Binding to multiple ip's

2002-03-12 Thread Miquel van Smoorenburg
In article <[EMAIL PROTECTED]>, Alan DeKok <[EMAIL PROTECTED]> wrote: >Chris Parker <[EMAIL PROTECTED]> wrote: >> Are you running the latest CVS version? This was fixed since 0.4, so >> that replies are sent back out with the source ip being the ip on which >> it was received. > > Not when using

Re: Binding to multiple ip's

2002-03-12 Thread lance
On Tue, 12 Mar 2002, Alan DeKok wrote: > lance <[EMAIL PROTECTED]> wrote: > > Ahh - so 'bind_address = *' is useless for Radius unless you only have a > > single ip on the machine ;) > > No, it's useful for multiple IP's, just so long as you don't have > multiple IP aliases on the same interf