This is a discussion on [SOLVED] FreeRADIUS + LVS problem within the FreeRADIUS Users forums, part of the Networking and Network Related category.
Brief Review:
I had a working FreeRADIUS configuration doing EAP-TTLS wireless authentication that broke when put behind a 1:1 NAT/LVS. No faults were found in the FreeRADIUS configuration, so the NAT configuration was suspect. It likewise was found to have no faults (it's just a single SNAT & a single DNAT rule). After tcpdumping from the server, I discovered that FR was receiving requests via the correct interface/IP, but trying to send them out of a different (virtual) interface/IP. Obviously, this won't work, NAT or otherwise. The original test box was multi-homed, but the interfaces were bonded, so it didn't suffer from the same problem. The NAT just added an extra layer of complexity. The solution was to specifically bind to the correct interface/IP, just as you would with most daemons on a multi-homed box. This would seem to further prove that often the solution is simpler than you'd think :)
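
The source-address behaviour described in the post above, reproduced as an added example that is not part of the original post and is not FreeRADIUS code: a UDP responder bound to the wildcard address lets the kernel pick the reply's source IP from the routing table, while one bound to a specific IP always answers from that IP. It assumes a Linux host, where all of 127.0.0.0/8 is local, and uses 127.0.0.2 and 127.0.0.1 as constructed stand-ins for the two interface addresses; `reply_source` is a hypothetical helper name.

```python
import socket

# Constructed stand-ins (assumption: Linux, where every 127.x.y.z address is local).
SERVICE_IP = "127.0.0.2"  # address the client (or the DNAT rule) sends requests to
CLIENT_IP = "127.0.0.1"   # address the client sends from


def reply_source(bind_ip):
    """Run one request/reply over UDP and return the source IP of the reply.

    The responder is bound to bind_ip; the client always addresses SERVICE_IP.
    """
    server = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    client = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        server.settimeout(2)
        client.settimeout(2)
        server.bind((bind_ip, 0))          # port 0: let the kernel pick a free port
        port = server.getsockname()[1]
        client.bind((CLIENT_IP, 0))

        client.sendto(b"request", (SERVICE_IP, port))
        _, peer = server.recvfrom(1024)
        # An unbound (wildcard) socket does not remember which local address the
        # request arrived on, so the kernel chooses the source from its route to peer.
        server.sendto(b"reply", peer)
        _, src = client.recvfrom(1024)
        return src[0]
    finally:
        server.close()
        client.close()


if __name__ == "__main__":
    for bind_ip in ("0.0.0.0", SERVICE_IP):
        src = reply_source(bind_ip)
        verdict = "matches" if src == SERVICE_IP else "does NOT match"
        print(f"bound to {bind_ip:<9} -> reply from {src} ({verdict} {SERVICE_IP})")
```

A RADIUS client, or the connection tracking behind a NAT rule, matches replies against the address the request was sent to, so a reply from any other source address is dropped.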