Proxy not sending out packets (was Re: Proxying a PEAP request to an IAS server)
Alan DeKok
aland at ox.org
Wed Nov 9 07:20:51 CET 2005
Dan Newcombe <DanNewcombe at mail.clayton.edu> wrote:
> The short of it is I'm trying to get 802.1x with PEAP to be proxied by
> freeradius to an ias radius server.
Start simple. Use PAP, and "radtest" to send the packets. If that
makes FreeRADIUS proxy the packets, then go to PEAP. Otherwise,
you're test is just too complicated, and you don't know what's going
wrong.
> It appears I have everything working with one small exception -
> freeradius seems to be unwilling to send a packet to the ias radius server.
> I will put more of the logs below, but the gist of it is at this part of
> the process:
> Sending Access-Request of id 1 to 172.28.240.114:1812
> (where 172.28.240.114 is the ias box) no packet appears to be dropped on
> the network.
This is really an issue with the kernel, I think. If FreeRADIUS
calls the kernel "send packet" function, it should work.
> best deduction is that for some reason in proxying, freeradius does not
> want to send a packet.
Can you ping the IAS server from 172.28.240.73? Can you use
"radtest" on 172.28.240.73 to send packets to IAS?
If radtest doesn't send packets to IAS, then 172.28.240.73 has
firewall rules that block outgoing RADIUS traffic.
Alan DeKok.
More information about the Freeradius-Users
mailing list