How to fix the proxy source port
Okis Chuang
okischuang at outlook.com
Tue Apr 30 04:23:58 CEST 2013
> Chuang Okis wrote:
> > I think you misunderstanding my point a bit. Maybe I don't express it
clear
> enough.
> > I only need fixing my *source port* instead of random port, I don't care
IP
> address at all.
>
> Ah, OK.
>
> > Actually, due to some maintenance issue, we want to know that could we
fix
> our arc port while our freeRADIUS AS A ROAMING CENTER. We are trying
> reducing the number of firewall logs. That's why we want to keep src port
the
> same.
>
> No there's no way to fix the source port.
>
> Even if you did, the server would dynamically open *new* source ports
> when it gets busy. That's how UDP applications work.
>
Ok, now I've saved lots of time finding any possible way to do this.
Thanks for being so concise about this issue.
> It should be OK to have a firewall rule which allows packets FROM the
> proxy IP, TO the home server IP and home server port. Adding the source
> port is pretty much pointless.
>
> Alan DeKok.
>
Hmm. That sounds making sense. I'll discuss with our firewall policy
manager about it.
However, thank you very much Alan.
Okis.
More information about the Freeradius-Users
mailing list