Freeradius and What's Up Gold Question
Linda Pagillo
linda at n2thenet.com
Thu Oct 20 21:49:46 CEST 2005
Hi everyone:
I'm going to try to explain this as best I can. I'm using Freeradius 1.0.5 on a Linux Redhat 9 server. I have a network monitoring program on another computer called What's Up Gold. It is made by a company called Ipswitch. There is a setting in the WUG program that lets you monitor a radius server. This is how Ipswitch explains how it works:
"What we specified for a test is an INVALID test for the userid TEST as it not encoded using the secret key. Then what we expect back is a response telling us the userid doesn't exist. The main key for making it work on Radius servers is to ensure the requesting workstation has permissions to send Radius requests. This seems to be the most common error in implementation by users. You will have to include the Monitor station (that is, the computer running WUG) in the /etc./raddb/clients file on the Radius server."
I completely understand what it is saying and I have done this. Now that I have given you some background on how this works, here is my actual situation and question:
I keep getting false positives on my WUG telling me that freeradius is down even though it's not. This does not happen everytime WUG sends a request to the radius. It happens at random. When I search in the radius logs it shows that the request is being sent to freeradius from WUG and the user TEST is indeed being rejected just like it's suppose to. The request is sent to the radius every 20 minutes and it makes it there every time.
Now, the way I see it, it can be one of two things... The first... I have my WUG set at 5 seconds as a time out. Could freeradius, at times, be taking more than 5 seconds to respond to a sent request? if this is the case, I figure it would take my customers a few times to dial up and get authenticated at times, which is not a good thing since I work for an ISP. We haven't had any customers calling tech support about this, but still we can't rule it out just yet.
The second... does freeradius lock out users after a certain amount of bad requests and if so, is there a configuration change that I can make to avoid this? I have looked all over for an answer to this question and I haven't found it, so I thought I'd post it here with the hope that someone would know.
I'm sorry about the huge post. I just wanted to give enough information for the person/people that may help me with this. Thank you and I look forward to any response.
By the way, I just wanted to say thanks to everyone that has helped me in the past, especially Mr. DeKok who has had much patience with me. I love your freeradius program. It's the best radius server I have used yet. Thank you for giving it to us for free and for all of your support because I do realize that you don't need to give any support if you didn't want to. You are much appreciated.
Linda Pagillo
Director of Technical Services
N2 The Net, LLC
lpagillo at n2thenet.com
931-372-9179
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20051020/19984834/attachment.html>
More information about the Freeradius-Users
mailing list