Re: [Emerald] Weird Radius behavior solved!

Dale E. Reed Jr. ( (no email) )
Thu, 13 Apr 2000 10:37:46 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Previous message: Scott Dahmer: "[Emerald] Nightly tasks"
Next message: Dale E. Reed Jr.: "Re: [Emerald] Nightly tasks"
Maybe in reply to: wilson@dagupan.com: "[Emerald] Weird Radius behavior solved!"

wilson@dagupan.com wrote:
>
> Hi, id like to share with the list our experience with the problem of
> erratic authentication in our radius nt3.0.
> The scenario was that some users are able to log in and be authenticated,
> then for unexplained reasons, the next day, these same people couldnt be
> authenticated by the remote radius server. (This is a roaming scenario).
>
> Yesterday, purely by accident, as i was reviewing the radius admin settings,
> i noticed the ip address field. It was set to 'all'. Remembering that this
> is a multi-homed machine, i set it to use only one of the 3 ips-- The ip
> that was registered with the remote radius server.
>
> And it now works great!

NT has an interesting behavior from Multi-Homed machines. The
source IP *MAY* differ if you don't lock the application down. For
example, with RADIUS being IP security based, if the request for the
user authentication was sent from one of the other IPs than what you
gave the downstream authenticator, they would ignore/reject the
attempt.

Dale E. Reed Jr. Emerald and RadiusNT__________________________________________IEA Software, Inc. www.iea-software.com

For more information about this list (including removal) go to:http://www.iea-software.com/support/maillists/liststart

Previous message: Scott Dahmer: "[Emerald] Nightly tasks"
Next message: Dale E. Reed Jr.: "Re: [Emerald] Nightly tasks"
Maybe in reply to: wilson@dagupan.com: "[Emerald] Weird Radius behavior solved!"