[rbak-nsp] HowTo Send Packet-of-Disconnect/Disconnect-Messages to a RedBack SE-800

Thu May 21 17:43:44 EDT 2009

By issuing the configuration directive:

radius coa server <IP of RADIUS SERVER> encrypted-key <KEY> port 3799

you are permitting CoA packets from <IP of RADIUS SERVER> using key <KEY>
on port 3799 to be used for CoA requests.

If you issue this directive in the "somedomain.net" context then you will only be able
to issue CoA requests for subscribers of "somedomain.net" and can only send CoA
packets to this context's bound IP address.

If you issue this directive in the "local" context, then you can issue CoA 
requests for all subscribers in all contexts.

In both cases, port 3799 must be permitted in any ACLs which protect your context
either on the redback itself or any upstream devices.

Hope this helps

------------------------------------------------
David Freedman
Group Network Engineering 
Claranet Limited
http://www.clara.net

-----Original Message-----
From: redback-nsp-bounces at puck.nether.net on behalf of Insan Praja SW
Sent: Thu 5/21/2009 22:37
To: redback-nsp at puck.nether.net
Subject: Re: [rbak-nsp] HowTo Send Packet-of-Disconnect/Disconnect-Messages to a RedBack SE-800

On Fri, 22 May 2009 04:28:02 +0700, David Freedman  
<david.freedman at uk.clara.net> wrote:

> Are you trying to issue a CoA to an IP bound to a context which isn't  
> somedomain.net?
172.30.23.254 is the NAS/SE-800

> If you are trying to issue it directly to an IP bound to the  
> somedomain.net context then yes,
Yes

> you need to have CoA server configured in this context on port 3799 and  
> be permitted to speak to it
>
So the CoA server has to be listening or sending packet from port 3799 or  
to port 3799?

> If you are trying to use another context (i.e local only) then you must  
> have the CoA server configured
> in local context and be able to send your CoA RADIUS packet to the  
> configured port (acl permitting)
>
> As quoted before, debug commands you may find helpful are:
>
> debug aaa rad-packet
> debug aaa rad-coa
> debug aaa rad-attr
>
>
> Dave.
>
> ------------------------------------------------
> David Freedman
> Group Network Engineering
> Claranet Limited
> http://www.clara.net
>
>
>
> -----Original Message-----
> From: redback-nsp-bounces at puck.nether.net on behalf of Insan Praja SW
> Sent: Thu 5/21/2009 22:07
> To: redback-nsp at puck.nether.net
> Subject: [rbak-nsp] HowTo Send Packet-of-Disconnect/Disconnect-Messages  
> to a RedBack SE-800
> Hi List,
> I'm currently trying to send packet of disconnect/disconnect messages to  
> a
> redback from a radclient. I tried with;
> $ echo "User-Name='someuser at somedomain.net'" | /usr/local/bin/radclient  
> -c
> '1' -n '3' -r '3' -t '3' -x '172.30.23.254:3799' 'disconnect'  
> 'somesecret'
> 2>&1
>
> Results:
> radclient: no response from server for ID 32 socket 5
> Sending Disconnect-Request of id 32 to 172.30.23.254 port 3799
> User-Name = "someuser at somedomain.net"
> Sending Disconnect-Request of id 32 to 172.30.23.254 port 3799
> User-Name = "someuser at somedomain.net"
> Sending Disconnect-Request of id 32 to 172.30.23.254 port 3799
> User-Name = "someuser at somedomain.net"
>
> the somedomain.net context on SE-800 has no "radius coa server"
> configured. Do I have to configured this first?
>
> Thanks,
>
>
>
> Insan Praja SW
Thanks,

Insan Praja SW
-- 
insandotpraja(at)gmaildotcom
_______________________________________________
redback-nsp mailing list
redback-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/redback-nsp

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/redback-nsp/attachments/20090521/e727276c/attachment.html>