Freeradius reply package forward
Matthew Newton
mcn4 at leicester.ac.uk
Thu Aug 4 11:08:28 CEST 2016
On Thu, Aug 04, 2016 at 10:36:07AM +0300, Ali Orhun Akkirman wrote:
> When I turn on the proxy configuration, Freeradius can't send reply
> message"Access-Accept". It sent only "Access-Request" package. I want
> Freeradius sent reply message to another IP adress.
Yes, of course. FreeRADIUS talks back to the RADIUS client that
talked to it, not some other random address.
On Thu, Aug 04, 2016 at 10:56:05AM +0300, Ali Orhun Akkirman wrote:
> I want to configure SSO integration.
>
> https://stuff.purdon.ca/?page_id=354
Read the first paragraph of that again. Your NAS should apparently
be configured to use your FreeRADIUS server for authentication,
but your firewall for accounting.
Or just proxy the accounting packets through to the firewall, I
guess. Which would give you more flexibility in what's sent to the
firewall.
But trying to send reply packets back to somewhere the request
didn't come from is just plain wrong.
Matthew
--
Matthew Newton, Ph.D. <mcn4 at leicester.ac.uk>
Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>
More information about the Freeradius-Users
mailing list