[ previous ] [ next ] [ threads ]
 
 From:  YvesDM <ydmlog at gmail dot com>
 To:  "Monowall Support List" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  m0n0wall "leaking" authentication to radius2 even if radius1 is up.
 Date:  Wed, 1 Aug 2007 21:40:32 +0200 
Hi,

Sorry I can't find a better way to explain this :-)
I've enabled authentication logging on my second radius server.
I have re-authenticate every minute enabled in the CP config of monowall.
Now, I notice authentication requests passed to radius2 from time to time,
while radius1 has never been down. (is contstantely monitored, so 100% sure)
I 've seen this from different locations,  so different m0n0walls. All
M0n0's are v1.23

Tue Jul 31 20:10:54 2007 : Auth: Login OK: [xxxxxxx] (from client m0n0wall
port 2 cli 00:50:8d:ed:d1:5b)
Tue Jul 31 20:25:13 2007 : Auth: Login OK: [xxxxxxxx] (from client m0n0wall
port 2 cli 00:0c:6e:a4:f8:0b)
Tue Jul 31 20:26:48 2007 : Auth: Login OK: [xxxxxxxx] (from client m0n0wall
port 2 cli 00:50:8d:ed:d1:5b)
Tue Jul 31 20:36:37 2007 : Auth: Login OK: [xxxxxxxx] (from client m0n0wall
port 2 cli 00:16:6f:bf:ff:ed)
Tue Jul 31 22:00:12 2007 : Auth: Login OK: [xxxxxxxxx] (from client m0n0wall
port 6 cli 00:0f:b0:93:6f:7f)
Tue Jul 31 22:12:12 2007 : Auth: Login OK: [xxxxxxxxxx] (from client
m0n0wall port 6 cli 00:0f:b0:93:6f:7f)
Tue Jul 31 22:48:56 2007 : Auth: Login OK: [xxxxxxxx] (from client m0n0wall
port 4 cli 00:c0:9f:e1:b0:ae)
Tue Jul 31 23:51:48 2007 : Auth: Login OK: [xxxxxxxx] (from client m0n0wall
port 4 cli 00:16:36:91:3f:3c)
Wed Aug  1 00:02:52 2007 : Auth: Login OK: [xxxxxxxx] (from client m0n0wall
port 6 cli 00:0f:b0:93:6f:7f)
Wed Aug  1 00:05:26 2007 : Auth: Login OK: [xxxxxxx] (from client m0n0wall
port 6 cli 00:0f:b0:93:6f:7f)
Wed Aug  1 00:28:28 2007 : Auth: Login OK: [xxxxxxxx] (from client m0n0wall
port 3 cli 00:50:70:22:b6:cd)
Wed Aug  1 00:28:38 2007 : Auth: Login OK: [xxxxxxxx] (from client m0n0wall
port 3 cli 00:50:70:22:b6:cd)
Wed Aug  1 00:31:47 2007 : Auth: Login OK: [xxxxxxxxx] (from client m0n0wall
port 7 cli 00:11:11:3c:d2:7d)
Wed Aug  1 00:53:15 2007 : Auth: Login OK: [xxxxxxx] (from client m0n0wall
port 4 cli 00:16:36:91:3f:3c)
Wed Aug  1 09:22:17 2007 : Auth: Login OK: [xxxxxxxxx] (from client m0n0wall
port 3 cli 00:15:f2:d1:38:85)
Wed Aug  1 09:22:27 2007 : Auth: Login OK: [xxxxxx] (from client m0n0wall
port 3 cli 00:15:f2:d1:38:85)
Wed Aug  1 09:26:52 2007 : Auth: Login OK: [xxxxxxx] (from client m0n0wall
port 2 cli 00:50:fc:4b:6f:78)
Wed Aug  1 09:27:02 2007 : Auth: Login OK: [xxxxxxxxx] (from client m0n0wall
port 2 cli 00:50:fc:4b:6f:78)
Wed Aug  1 12:21:11 2007 : Auth: Login OK: xxxxxxxxx] (from client m0n0wall
port 2 cli 00:0a:e6:7c:ac:35)
Wed Aug  1 12:21:21 2007 : Auth: Login OK: xxxxxxxxx] (from client m0n0wall
port 2 cli 00:0a:e6:7c:ac:35)

(I masked the usernames xxxxxxxxx)

Any idea what's causing this?

PS Some time ago I posted a topic on this list (and on the forum) where I
said I changed the failover time between radius1 and radius2 in a custom
image.
Just to be clear, this isn't happening with one of these custom images (so
far, but I only got 2 of those images running for now),
so that change is not the cause. The images where this is happening now are
unmodified.

Kind regards
Yves