Radius protocol just runs over normal UDP and isn't different than a
normal UDP 'connection'
Jonathan De Graeve
jonathan dot de dot graeve at imelda dot be
Always read the manual for the correct way to do things because the
number of incorrect ways to do things is almost infinite
> -----Original Message-----
> From: Clayton Cannon [mailto:Clayton dot Cannon at neighbortofamily dot org]
> Sent: Tuesday, 18 July 2006 14:52
> To: SDamron; m0n0wall at lists dot m0n0 dot ch
> Subject: RE: [m0n0wall] Using a internet based RADIUS server and
> I've tried forwarding UDP, TCP and UDP/TCP port 1812 and 1813 to the
> inside the LAN but the m0n0wall is blocking packets of non-udp type
> protocol type) coming from the Radius server. They are not marked as
> nor TCP and I know on a PIX you have to specify the Radius protocol
> you have to do with GRE for PPTP tunnels. I've even set up a sniffer
> Radius server (Windows 2003 box with IAS) and have verified the use of
> Radius protocol. Any ideas? Thanks.
> -----Original Message-----
> From: SDamron [mailto:sdamron at gmail dot com]
> Sent: Monday, July 17, 2006 7:59 PM
> To: Clayton Cannon
> Subject: Re: [m0n0wall] Using a internet based RADIUS server and
> Just allow port 1812 and 1813 udp and tcp. That generally fixes it.
> On 7/17/06, Clayton Cannon <Clayton dot Cannon at neighbortofamily dot org>
> > The firewall is m0n0wall. The clients attempting to authenticate
> clients using an AP which is on the network behind the firewall. The
> server is on the Internet and the AP is to authenticate logins to it.
> Problem is when the Radius server answers, m0n0wall blocks the
> back to the AP. I have attempted to make rules to allow the
> but I do not see an option for the Radius protocol to be allowed.
> > ________________________________
> > From: Jonathan De Graeve [mailto:Jonathan dot DeGraeve at imelda dot be]
> > Sent: Mon 7/17/2006 5:24 PM
> > To: Clayton Cannon; m0n0wall at lists dot m0n0 dot ch
> > Subject: RE: [m0n0wall] Using a internet based RADIUS server and
> > M0N0WALL
> > From: Clayton Cannon [mailto:Clayton dot Cannon at neighbortofamily dot org]
> > Sent: Mon 17/07/2006 21:24
> > To: m0n0wall at lists dot m0n0 dot ch
> > Subject: [m0n0wall] Using a internet based RADIUS server and
> > M0N0WALL
> > >I have set up a public Radius & CA server which I plan to use to
> > >manage the wifi access of the enterprise I manage. The problem I
> > >having is that the Radius packets keep getting blocked at the
> > >firewall when the Radius server responds to a Radius authentication
> > >attempt. Has anyone had experience with authenticating LAN clients
> > >with an internet-based Radius server or even a central Radius server
> WAN links provided by IpSEC tunnels?
> > >
> > 1) which firewall, the m0n0wall one?
> > 2) can you make a 'image' of your setup?
> > M0n0's CP handles internet radius systems without any problem by
> > J.
> "Nothing on earth can overcome an absolutely non-resistant person."
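Added example, not part of the original thread: a small Python check that a sniffer capture of a RADIUS reply is an ordinary UDP datagram (IP protocol 17) on port 1812/1813, unlike GRE (IP protocol 47), which is its own IP protocol. The packets, addresses (documentation ranges), ports and function names are constructed for illustration; checksums are left at zero.

```python
import socket
import struct

RADIUS_PORTS = {1812: "authentication", 1813: "accounting"}
RADIUS_CODES = {1: "Access-Request", 2: "Access-Accept", 3: "Access-Reject",
                4: "Accounting-Request", 5: "Accounting-Response",
                11: "Access-Challenge"}
IP_PROTOS = {6: "TCP", 17: "UDP", 47: "GRE"}

def classify(packet: bytes) -> dict:
    """Parse a raw IPv4 packet; report its transport and any RADIUS header."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4          # IPv4 header length in bytes
    proto = packet[9]                     # IP protocol number field
    info = {"ip_proto": proto, "transport": IP_PROTOS.get(proto, "other")}
    if proto != 17 or len(packet) < ihl + 8:
        return info
    sport, dport, ulen, _csum = struct.unpack("!HHHH", packet[ihl:ihl + 8])
    info.update(sport=sport, dport=dport)
    payload = packet[ihl + 8:ihl + ulen]
    service = RADIUS_PORTS.get(sport) or RADIUS_PORTS.get(dport)
    if service and len(payload) >= 20:    # minimum RADIUS packet is 20 bytes
        code, ident, rlen = struct.unpack("!BBH", payload[:4])
        if 20 <= rlen <= len(payload):
            info["radius"] = {"service": service, "id": ident, "length": rlen,
                              "code": RADIUS_CODES.get(code, f"code {code}")}
    return info

def build_sample(proto: int, l4: bytes) -> bytes:
    """Constructed IPv4 header (server -> AP side) around a layer-4 payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto,
                      0, socket.inet_aton("198.51.100.10"),
                      socket.inet_aton("192.0.2.20"))
    return hdr + l4

def sample_access_accept() -> bytes:
    """Constructed reply: source port 1812, back to the client's source port."""
    radius = struct.pack("!BBH16s", 2, 7, 20, bytes(16))
    udp = struct.pack("!HHHH", 1812, 49152, 8 + len(radius), 0) + radius
    return build_sample(17, udp)

if __name__ == "__main__":
    print(classify(sample_access_accept()))
    print(classify(build_sample(47, bytes(8))))   # GRE for comparison
```

The reply carries source port 1812 and the client's original source port as its destination, so a rule check against the capture should look at IP protocol 17 and those ports rather than at the "RADIUS" label a sniffer applies to the payload.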