How to fix the proxy source port
Alan DeKok
aland at deployingradius.com
Mon Apr 29 20:14:39 CEST 2013
Chuang Okis wrote:
> I think you misunderstanding my point a bit. Maybe I don't express it clear enough.
> I only need fixing my *source port* instead of random port, I don't care IP address at all.
Ah, OK.
> Actually, due to some maintenance issue, we want to know that could we fix our arc port while our freeRADIUS AS A ROAMING CENTER. We are trying reducing the number of firewall logs. That's why we want to keep src port the same.
No there's no way to fix the source port.
Even if you did, the server would dynamically open *new* source ports
when it gets busy. That's how UDP applications work.
It should be OK to have a firewall rule which allows packets FROM the
proxy IP, TO the home server IP and home server port. Adding the source
port is pretty much pointless.
Alan DeKok.
More information about the Freeradius-Users
mailing list