Radclient receives response messages from different source port than destination port of request messages
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Thu May 30 14:26:51 CEST 2013
On 30 May 2013, at 05:23, rosario.mattera at accenture.com wrote:
> Hi Alan,
>
> I would like to specify that I'm using radclient as a RADIUS proxy.
Um. Why?
> I reach the RADIUS server through a load balancer. The server uses ports other than 1812 and 1813 in its responses because the matching between requests and responses is done through the Proxy-State attribute. This behavior is implemented in a very famous European Telco operator.
This behaviour is wrong and not standards compliant. No where in RFC 2865 or any more recent RADIUS RFCs does it describe a method of tying requests and responses using Proxy-State.
> In radclient is not implemented any mechanism to support this behavior?
No.
> Can you confirm that the current implementation of radclient, realizes the matching between requests and responses using also the source port of the responses?
Yes.
Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team
More information about the Freeradius-Users
mailing list