Filter-ID reply with Raritan KVMs

Alan DeKok aland at deployingradius.com
Mon Aug 30 23:00:33 CEST 2021


On Aug 30, 2021, at 4:56 PM, Jonathan Davis <jonathan at prioritycolo.com> wrote:
> Someone forgot they setup an ACL which was blocking the FreeRadius replies from reaching the NAS.

  Nice!  I've seen people do that in production.  :(

  Or even better, having a primary and secondary RADIUS server.  Then the firewall admin notices that no traffic has passed through the rule for allowing the secondary RADIUS server to get / reply to packets.  And so he deletes the rule.

  And then when failover occurs, all traffic is blocked.

  The inventiveness of some people cannot be understated.

  Alan DeKok.




More information about the Freeradius-Users mailing list