You may wish to use the radius-tools package (correct me if the package name is wrong, List) which is included with freeradius to send test packets from the test application to the Freeradius server, and it'll show you what the attributes you're sending and what the server replies with.
You can then do this again to your AIX server and see how the response is different - this will involve adding your test client machine as a NAS in the AIX machine's clients file.
Basically you need to eavesdrop on the connection between the radius client and new/old servers, and compare and contrast the replies. This is the best way to work out "What has changed?"
Hope this helps,
Jan
On 08/01/07, Tim Tyler <tyler@beloit.edu> wrote:
FreeRadius experts,
We are trying to run FreeRadius on a RedHat AS 2.1 system. We use
an external password file for authentication defined in the unix
system (password = filename) section of radius.conf. This seems to
work fine. Modem users can authenticate to our old 3com Total
Control modem pool, but users can not access the Internet. They can
access all local domain servers on campus, but they can't get off
campus. This really should not be a firewall issue as the same ip
addresses are still associated with the modem pool.
Note: if we go back to our old Lucent Technology radius server
running on AIX, everybody is fine and can access the Internet again.
I am trying to find out what might cause a modem pool to only work
locally (access servers on our campus) after switching to FreeRadius
particularly since it seems that the authentication part is
working? I know that the 3com Total Control modem pool is rather old
but I don't know why it would behave differently from one radius
server to another as long as authentication works.
I read in one of the FreeRadius archives that some users have
experienced a similar problem of either very slow or won't work at
all for some customers accessing the Internet via Freeradius
authentication until they modified the MTU setting. This is curious
to me. Is there a place in FreeRadius that I might change the mtu
setting given that I am using an external unix password crypt file
for all authentication? If so, what mtu setting might be recommended?
Is there another possible explanation that might relate to Freeradius?
any thoughts are much appreciated?
Tim Tyler
Network Engineer - Beloit College
tyler@beloit.edu
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html