How to accept RADIUS traffic on multiple interfaces?

McNutt, Justin M. McNuttJ at missouri.edu
Wed Aug 14 22:20:52 CEST 2013


Also don't forget to disable (or modify) SELinux.  If memory serves, RHEL 6 comes with that enabled by default as well.

--J

-----Original Message-----
From: freeradius-users-bounces+mcnuttj=missouri.edu at lists.freeradius.org [mailto:freeradius-users-bounces+mcnuttj=missouri.edu at lists.freeradius.org] On Behalf Of Matteo Vocale
Sent: Wednesday, August 14, 2013 2:32 PM
To: FreeRadius users mailing list
Subject: Re: How to accept RADIUS traffic on multiple interfaces?

Before running radius in debug mode, try iptables -F with root privileges, it disables iptables default rules

Phil Mayers <p.mayers at imperial.ac.uk> ha scritto:

>On 14/08/13 15:07, Kurt Hillig wrote:
>
>> But radiusd isn't seeing any of the inbound RADIUS traffic on eth1 - 
>> tcpdump shows it coming in, but "radiusd -X" shows no indication of 
>> this traffic (but is reporting all of the traffic on eth0).
>
>If "radiusd -X" isn't reporting *anything*, then it's not reaching 
>FreeRADIUS, which means some part of the network stack is dropping it.
>
>If you're sure your iptables are correct, google "linux log martians" 
>and "linux rp filter". RHEL6 has different defaults to previous RHEL 
>versions in this regard.
>-
>List info/subscribe/unsubscribe? See 
>http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


More information about the Freeradius-Users mailing list