How to forward MAC-authentiation-requests over a FreeRADIUS-proxy to a FreeRADIUS-server?

Alan DeKok aland at deployingradius.com
Wed Oct 8 04:11:53 CEST 2008


r.bruengel at freenet.de wrote:
> Well, when I set up my FreeRADIUS-proxy and want to use it the following message appears in the radius.log of my FreeRADIUS-proxy:
> 
> Error: Invalid packet code 1 sent to a proxy port from home server 192.168.1.58 port 1864 - ID 177 : IGNORED

  The client is sending Access-Requests to the proxy port.  This isn't
good.  It's also hard to do, because the proxy port *isn't* 1812.  It's
usually 1814.  And the client doesn't send packets to port 1814 unless
you've edited it's configuration, and told it that the server port is 1814.

> So, that should be the way:
> Switch          ->      FR-proxy        ->      FR-server
> 192.168.1.58            192.168.1.80            192.168.1.61

  Except you haven't done that.  You've configured 192.168.1.58 as a
home server for the proxy.  Instead, you need to configure that IP as a
client.

  And the configuration you posted does NOT match the error message.
That error message occurs ONLY when the proxy has 192.168.1.57 listed as
a "home_server".

  Please double-check your configuration, and post the full debug log.
If you don't know what's going wrong, you don't know what part of the
debug log can be used to help solve this problem.  There's a REASON that
the FAQ, README, INSTALL, "man page", radiusd.conf, and daily messages
on this list say to post the debug log.  We really need it.

 Alan DeKok.



More information about the Freeradius-Users mailing list