> This could be the cause of my current problems. I have the "primary"
> address as the RadiusNT IP address so shouldn't this overcome the problem?
Not necessarily. Let me give an example of a problem we recently
ran into. It is a simple fix, but not an obvious one.
RadiusNT #1 NAS #1 NAS #2
----------- -------------- --------------
10.0.0.2 10.0.0.3 10.0.1.3
10.0.1.2 Auth: 10.0.0.2 Auth: 10.0.0.2
Both 10.0.0.0 and 10.0.1.0 are on the same phsyical
wire, with a Cisco router ethernet interface having
10.0.0.0 as its primary and 10.0.1.0 as its secondary.
Now, the problem here is when we setup the second NAS
we just be default set its auth server to 10.0.0.2, which
is the primary address of the RadiusNT server. What
was happening is that the request would come into RadiusNT
at 10.0.0.2, and go out 10.0.1.2 (makes sense) and since the
response came from a DIFFERENT IP address than the request
was sent to, the response is ignored.
Fixing the problem is easy. Just send the request to the
first listed address in the 10.0.1.0 network for the RadiusNT
machine and everything started working again.
So in our case, it wasn't the primary address of the RadiusNT
machine we needed, but the primary address in the same subnet
as the NAS.