[prev in list] [next in list] [prev in thread] [next in thread]
List: freeradius-users
Subject: RE: Radclient receives response messages from different source port than destination port of request
From: <rosario.mattera () accenture ! com>
Date: 2013-05-30 12:54:10
Message-ID: 8106E5671B820B40BE04BC8A5483F8ECE5F975 () 048-CH1MPN1-132 ! 048d ! mgd ! msft ! net
[Download RAW message or body]
Thanks for your answer, Arran.
Regards,
Rosario
-----Original Message-----
From: freeradius-users-bounces+rosario.mattera=accenture.com@lists.freeradius.org \
[mailto:freeradius-users-bounces+rosario.mattera=accenture.com@lists.freeradius.org] \
On Behalf Of Arran Cudbard-Bell
Sent: giovedì 30 maggio 2013 14:27
To: FreeRadius users mailing list
Subject: Re: Radclient receives response messages from different source port than \
destination port of request messages
On 30 May 2013, at 05:23, rosario.mattera@accenture.com wrote:
> Hi Alan,
>
> I would like to specify that I'm using radclient as a RADIUS proxy.
Um. Why?
> I reach the RADIUS server through a load balancer. The server uses ports other than \
> 1812 and 1813 in its responses because the matching between requests and responses \
> is done through the Proxy-State attribute. This behavior is implemented in a very \
> famous European Telco operator.
This behaviour is wrong and not standards compliant. No where in RFC 2865 or any more \
recent RADIUS RFCs does it describe a method of tying requests and responses using \
Proxy-State.
> In radclient is not implemented any mechanism to support this behavior?
No.
> Can you confirm that the current implementation of radclient, realizes the matching \
> between requests and responses using also the source port of the responses?
Yes.
Arran Cudbard-Bell <a.cudbardb@freeradius.org> FreeRADIUS Development Team
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
This message is for the designated recipient only and may contain privileged, \
proprietary, or otherwise confidential information. If you have received it in error, \
please notify the sender immediately and delete the original. Any other use of the \
e-mail by you is prohibited.
Where allowed by local law, electronic communications with Accenture and its \
affiliates, including e-mail and instant messaging (including content), may be \
scanned by our systems for the purposes of information security and assessment of \
internal compliance with Accenture policy.
______________________________________________________________________________________
www.accenture.com
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic