How to fix the proxy source port

Okis Chuang okischuang at
Tue Apr 30 04:23:58 CEST 2013

> Chuang Okis wrote:
> > I think you misunderstanding my point a bit. Maybe I don't express it
> enough.
> > I only need fixing my *source port* instead of random port, I don't care
> address at all.
>   Ah, OK.
> > Actually, due to some maintenance issue, we want to know that could we
> our arc port while our freeRADIUS AS A ROAMING CENTER. We are trying
> reducing the number of firewall logs. That's why we want to keep src port
> same.
>   No there's no way to fix the source port.
>   Even if you did, the server would dynamically open *new* source ports
> when it gets busy.  That's how UDP applications work.
	Ok, now I've saved lots of time finding any possible way to do this.

	Thanks for being so concise about this issue.

>   It should be OK to have a firewall rule which allows packets FROM the
> proxy IP, TO the home server IP and home server port.  Adding the source
> port is pretty much pointless.
>   Alan DeKok.

	Hmm. That sounds making sense. I'll discuss with our firewall policy
manager about it.
	However, thank you very much Alan.


More information about the Freeradius-Users mailing list