CoA/DM over RADSEC - FreeRadius server ignores the CoA/DM request as Invalid when receives over TLS
saurabha.badhai at gmail.com
Tue Apr 7 15:48:11 CEST 2020
Thanks Alan for quick response.and pushed the fix. !!!
-/Saurabha Kumar Badhai
On Tue, Apr 7, 2020 at 6:45 PM Alan DeKok <aland at deployingradius.com> wrote:
> On Apr 7, 2020, at 8:15 AM, saurabha badhai <saurabha.badhai at gmail.com>
> > I am a freeradius use for long time since 2.1.12 releases.
> > Recently I upgraded to v3.0.16 and testing the CoA/DM over radsec part.
> > Already I tested the auhtntication and accounting over RADSEC and it
> > fine
> > But for CoA/DM over RADSEC, I see some enhancement is required in
> > freeradius server.
> > *[Description]*
> > On receiving the CoA/DM request from one freeradius server over TLS, I
> > freeradius server is discarding it with the below error.
> > *Error: Invalid packet code 45 sent to a proxy port from home server
> > 10.174.75.66 port 2084 - ID 154 : IGNORED*
> That is a CoA NAK. Yes, it should allow CoA / DM over TLS.
> > When I see the code where the error happens, I found like in
> > */src/main/tls_listen.c* under function *dual_tls_recv *we may required
> > include below two cases to solve this.
> That's for receiving CoA packets over TLS. Yes, that should be allowed,
> > After I added this above lines in the same place, CoA/DM works fine.
> > My asking is to help to review this changes and check if we can we
> > this changes in newer release.
> I've pushed some patches. That should help.
> Alan DeKok.
> List info/subscribe/unsubscribe? See
More information about the Freeradius-Devel