lifetime and idle_timeout in clients.conf
Alan DeKok
aland at deployingradius.com
Sun Apr 15 11:17:21 CEST 2012
Jason Rohm wrote:
> In many cases I don't control the firewall, so I have to account for this.
> Additionally, not putting a reasonable lifetime limit on TCP connections
> opens you up to NAT-based DoS attacks.
Yes.
>> When FreeRADIUS acts as client (i.e. proxy to home server), it will
>> send watchdog packets.
>
> Is this default, or do I need to configure it? If it is default, it
> doesn't seem to be working in my configuration.
It *should* work. It's a bit of a mystery why it doesn't. It should
be fixed before 3.0 is released.
Alan DeKok.
More information about the Freeradius-Users
mailing list