Re: [Emerald] Weird Radius behavior solved!
Dale E. Reed Jr. ( (no email) )
Thu, 13 Apr 2000 10:37:46 -0700
> Hi, id like to share with the list our experience with the problem of
> erratic authentication in our radius nt3.0.
> The scenario was that some users are able to log in and be authenticated,
> then for unexplained reasons, the next day, these same people couldnt be
> authenticated by the remote radius server. (This is a roaming scenario).
> Yesterday, purely by accident, as i was reviewing the radius admin settings,
> i noticed the ip address field. It was set to 'all'. Remembering that this
> is a multi-homed machine, i set it to use only one of the 3 ips-- The ip
> that was registered with the remote radius server.
> And it now works great!
NT has an interesting behavior from Multi-Homed machines. The
source IP *MAY* differ if you don't lock the application down. For
example, with RADIUS being IP security based, if the request for the
user authentication was sent from one of the other IPs than what you
gave the downstream authenticator, they would ignore/reject the
Dale E. Reed Jr. Emerald and RadiusNT__________________________________________IEA Software, Inc. www.iea-software.com
For more information about this list (including removal) go to:http://www.iea-software.com/support/maillists/liststart