On Apr 7, 2020, at 8:15 AM, saurabha badhai <saurabha.badhai@gmail.com> wrote:
I am a freeradius use for long time since 2.1.12 releases.
Thanks!
Recently I upgraded to v3.0.16 and testing the CoA/DM over radsec part. Already I tested the auhtntication and accounting over RADSEC and it works fine
But for CoA/DM over RADSEC, I see some enhancement is required in freeradius server.
*[Description]* On receiving the CoA/DM request from one freeradius server over TLS, I see freeradius server is discarding it with the below error.
*Error: Invalid packet code 45 sent to a proxy port from home server 10.174.75.66 port 2084 - ID 154 : IGNORED*
That is a CoA NAK. Yes, it should allow CoA / DM over TLS.
When I see the code where the error happens, I found like in */src/main/tls_listen.c* under function *dual_tls_recv *we may required to include below two cases to solve this.
That's for receiving CoA packets over TLS. Yes, that should be allowed, too.
After I added this above lines in the same place, CoA/DM works fine. My asking is to help to review this changes and check if we can we include this changes in newer release.
I've pushed some patches. That should help. Alan DeKok.