Re: ANY FAQs on how radius really works on PM ??

Carl Rigney ((no email))
Sun, 17 Aug 1997 12:34:52 -0700 (PDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Frank Heinzius: "(no subject)"
Previous message: Jon Lewis: "Re: Radius won't start on Linux"
Maybe in reply to: Ilia Zubkov: "ANY FAQs on how radius really works on PM ??"

Our "RADIUS Administrator's Guide" is available on ftp.livingston.com
in PostScript and PDF, and should be on www.livingston.com in HTML. We
implement RADIUS as documented in RFC 2138 and 2139 (except for a
handful of attributes not supported yet. The attributes we do support
are clearly described in the RADIUS Admin Guide).

In your example, the Acct-Delay-Time counts up, indicating that these
are retransmissions because the PortMaster didn't receive an
accounting-response from the RADIUS accounting server and so kept
sending the accounting-request again every 45 seconds.

As to why the PortMaster didn't get the response, I'd first check to
see if you're running the RADIUS server on a multi-homed host (if you
do, you have to make sure that RADIUS replies to the PortMaster come
back from the same IP address that the RADIUS requests were sent to).
If that's not it, check the server host's routing, and whether there
were any filters in the way, and then check traffic and congestion to
see if that might have caused the problem. I don't think a mis-matched
shared secret would cause this problem, but I'd double check it
anyway.

--
Carl Rigney

Next message: Frank Heinzius: "(no subject)"
Previous message: Jon Lewis: "Re: Radius won't start on Linux"
Maybe in reply to: Ilia Zubkov: "ANY FAQs on how radius really works on PM ??"