Proxy CoA packet from network control to NAS (same as CoA server) configs in case of many many NASes.

Sergey Komarov sergey.komaroff at gmail.com
Fri Jul 17 12:34:05 CEST 2015


Hello Alan,


Could you please test it one more time with 3.0.9, or have you tested it
recently? I have a configuration with a home server, type coa and port 1700,
but when I try to use Dst-IP I get the message below:

(43) Received CoA-Request Id 169 from 10.1.1.2:36622 to 10.1.1.174:3799 length 113
(43)   User-Name = "e4-8b-7f-8b-d3-79"
(43)   Calling-Station-Id = "e4-8b-7f-8b-d3-79"
(43)   Cisco-AVPair = "subscriber:command=account-reauthenticate"
(43)   NAS-IP-Address = 10.56.33.174
(43) # Executing section recv-coa from file /usr/local/etc/raddb/sites-enabled/coa
(43)   recv-coa {
(43)     [suffix] = noop
(43)     update control {
(43)       Packet-Dst-IP-Address := &NAS-IP-Address -> 10.56.33.174
(43)     } # update control = noop
(43)     [ok] = ok
(43)   } # recv-coa = ok
No such home server 10.56.33.174 port 3799
(43) Not sending reply to client.
(43) Finished request


When I try to force Dst-port 1700 (it is in the home server config anyway) I
get the same error and a random port number (No such home server
10.56.33.174 port 20). I'm using CentOS 6.
I don't know, maybe my compilation has some problems, but the rest of the
functions are working normally.

Also, if I use the home server pool name it works OK, that's strange. Thank
you in advance for your help!


Best Regards, Sergey Komaroff


--------------clients.conf---------------
client wlc_1 {
        ipaddr          = 10.56.33.174
        $template client_wlc
        coa_server      = wlc1
}


client wlc_2 {
        ipaddr          = 10.0.249.253
        $template client_wlc
        coa_server      = wlc2
}

client wlc_3 {
        ipaddr          = 10.56.33.190
        $template client_wlc
        coa_server      = wlc3
}
-------------------------------------------
--------------proxy.conf---------------
home_server wlc1 {
        ipaddr = 10.56.33.174
        $template home_server
}

home_server wlc2 {
        ipaddr = 10.0.249.253
        $template home_server
}

home_server wlc3 {
        ipaddr = 10.56.33.190
        $template home_server
}

home_server_pool 10.56.33.174 {
        home_server = wlc1
}

home_server_pool 10.0.249.253 {
        home_server = wlc2
}

home_server_pool 10.56.33.190 {
        home_server = wlc3
}
-------------------------------------------
--------------templates.conf---------------

home_server {
        type = coa
        port = 1700
        secret = secret
        require_message_authenticator = no
        response_window = 20
        zombie_period = 40
        revive_interval = 120
        status_check = none
        check_interval = 30
        num_answers_to_alive = 3
        coa {
                irt = 2
                mrt = 16
                mrc = 5
                mrd = 30
        }
}

client_wlc {
        secret = secret
        nas_type = cisco
}
---------------------------------------------



On Thu, Jul 16, 2015 at 11:42 PM, Alan DeKok <aland at deployingradius.com>
wrote:

> On Jul 16, 2015, at 4:26 PM, Sergey Komarov <sergey.komaroff at gmail.com>
> wrote:
> > I use 3.0.9, it doesn't work, that's why I asked about it. In case of
> > dst-ip or dst-ip and dst-port I get the same results - I get the message
> > "no home server x.x.x x". I will send a detailed log later.
>
>   Well, it worked in all of my tests.  But I did define a "home_server" of
> "type = coa" for that IP address / port.
>
>   Alan DeKok.