[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-users
Subject:    Re: Filter-ID reply with Raritan KVMs
From:       Alan DeKok <aland () deployingradius ! com>
Date:       2021-08-30 21:00:33
Message-ID: 64EB5168-2297-4DDA-9EAE-E1F6A187022F () deployingradius ! com
[Download RAW message or body]

On Aug 30, 2021, at 4:56 PM, Jonathan Davis <jonathan@prioritycolo.com> wrote:
> Someone forgot they setup an ACL which was blocking the FreeRadius replies from \
> reaching the NAS.

  Nice!  I've seen people do that in production.  :(

  Or even better, having a primary and secondary RADIUS server.  Then the firewall \
admin notices that no traffic has passed through the rule for allowing the secondary \
RADIUS server to get / reply to packets.  And so he deletes the rule.

  And then when failover occurs, all traffic is blocked.

  The inventiveness of some people cannot be understated.

  Alan DeKok.


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


[prev in list] [next in list] [prev in thread] [next in thread]