FreeRadius Version: FreeRADIUS Version 1.1.3<br><br>Ok here is the situation I have freeradius sitting between two networks<br>
10.10.10.0 and 192.168.0.0, I want to combine freeradius and heartbeat so I<br>
can have a failover if one of the freeradius servers where to crash or<br>
needed to be upgraded.<br>
<br>
I'm using freeradius as a proxy by the way so on the 10.10.10.0 subnet is<br>
where one of the radius servers lives which freeradius is proying back to.<br>
<br>
When a client sends a request to the IP of eth0 on the freeradius server<br>
lets say its 192.168.0.20 everything is fine the radius request is sent out<br>
eth1 which has an IP address of 10.10.10.20 and connects to the backend radius<br>
server at 10.10.10.5 (this is just an example), then 10.10.10.5 sends the<br>
packet back to 10.10.10.20 (which again is eth1 on the freeradius server),<br>
then the packet is sent back to the client with the SOURCE address of<br>
192.168.0.20 and the client accepts the auth request.<br>
<br>
HOWEVER, when I setup a VIP eth0:0 with an IP address of 192.168.0.30 and<br>
the client sends the radius request to this IP the following happens (and I<br>
know I've been sniffing traffic all day lol) the freeradious server receives<br>
the request on 192.168.0.30 and sends the Access Request out eth1 at<br>
10.10.10.20 to the radius server on the backend at 10.10.10.5 which sends<br>
the Access Accept to eth1 of the free radius server 10.10.10.20 and the<br>
freeradius server sends the packet back to the client with the source<br>
address of 192.168.0.20.<br>
<br>
Well this is a problem because the client sent Access Request to<br>
192.168.0.30 (eth0:0) NOT to 192.168.0.20 (eth0) and the client rejects the<br>
Access Accept.<br><br>Thanks for any help you can offer! <br><br>Brian<br>