Chris Taylor (chtaylo2) <chtaylo2@cisco.com> wrote:
Is it possible to have multiple secret strings per IP or maybe different domains per IP? If not, any recommendations?
Validating the shared secret is one of the very first things done in the RADIUS protocol; if it is not valid, the rest of the data in the packet is not trusted, so there is no trustworthy data outside the IP header to multiplex on. If the monitor utility can send to a different UDP port, I'd just do that and treat them like two different clients. The only hitch is the monitor could stay up when the service goes down if there is a firewalling SNAFU. If the only purpose of this test is for internal reachability determinations, see if using Status-Server is a possibility. Setting up end-to-end testing with a "real" client is sometimes advisable and makes the use of internal test clients a moot point.