Received radius reply from wrong address
Oguzhan Kayhan
oguzhank at bilkent.edu.tr
Thu Jul 30 11:49:06 CEST 2009
On virtual servers here is my config.
listen {
ipaddr = 192.168.14.210
port = 1812
type = auth
virtual_server = dormnet
}
listen {
ipaddr = 192.168.16.210
port = 1812
type = auth
virtual_server = wireless
}
so no * for ipaddr.
and also i tried 192.168.14.210 and 192.168.14.211 to check if it makes
any difference on replying a client o a different subnet.
For ex. on apache if i create 2 virtual webservices listening on 2
different ip addesses, and if a client connects it, reply goes back from
the same source and dest ip addresses.. so i think OS's IP stack forks
fine with that.
Anyway for a temporary solution i instaled another radius on a different
ip for such cases.
> Oguzhan Kayhan wrote:
>> But as i see i got the msg Received radius reply from wrong address from
>> them whenever i try to send a req to radius for authentication.
>
> You need to put the real IP addresses into the "listen" section.
> Don't use "ipaddr = *"
>
>> It seems like radius answers back to the nas from first interface
>> instead
>> of replying from the original source address.
>
> That is because the OS chooses how to route packets.
>
>> Isnt radius suppose to reply with the same destination address it
>> receives???
>
> Yes. But if it doesn't know what the destination address is, it can't
> use that to send packets.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list