<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="Generator" CONTENT="MS Exchange Server version 6.5.7652.24">
<TITLE>RE: [rbak-nsp] HowTo Send Packet-of-Disconnect/Disconnect-Messages to a RedBack SE-800</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/plain format -->
<BR>
<P><FONT SIZE=2>By issuing the configuration directive:<BR>
<BR>
radius coa server <IP of RADIUS SERVER> encrypted-key <KEY> port 3799<BR>
<BR>
you are permitting CoA packets from <IP of RADIUS SERVER> using key <KEY><BR>
on port 3799 to be used for CoA requests.<BR>
<BR>
If you issue this directive in the "somedomain.net" context then you will only be able<BR>
to issue CoA requests for subscribers of "somedomain.net" and can only send CoA<BR>
packets to this context's bound IP address.<BR>
<BR>
If you issue this directive in the "local" context, then you can issue CoA<BR>
requests for all subscribers in all contexts.<BR>
<BR>
In both cases, port 3799 must be permitted in any ACLs which protect your context<BR>
either on the redback itself or any upstream devices.<BR>
<BR>
Hope this helps<BR>
<BR>
------------------------------------------------<BR>
David Freedman<BR>
Group Network Engineering<BR>
Claranet Limited<BR>
<A HREF="http://www.clara.net">http://www.clara.net</A><BR>
<BR>
<BR>
<BR>
-----Original Message-----<BR>
From: redback-nsp-bounces@puck.nether.net on behalf of Insan Praja SW<BR>
Sent: Thu 5/21/2009 22:37<BR>
To: redback-nsp@puck.nether.net<BR>
Subject: Re: [rbak-nsp] HowTo Send Packet-of-Disconnect/Disconnect-Messages to a RedBack SE-800<BR>
<BR>
On Fri, 22 May 2009 04:28:02 +0700, David Freedman <BR>
<david.freedman@uk.clara.net> wrote:<BR>
<BR>
> Are you trying to issue a CoA to an IP bound to a context which isn't <BR>
> somedomain.net?<BR>
172.30.23.254 is the NAS/SE-800<BR>
<BR>
> If you are trying to issue it directly to an IP bound to the <BR>
> somedomain.net context then yes,<BR>
Yes<BR>
<BR>
> you need to have CoA server configured in this context on port 3799 and <BR>
> be permitted to speak to it<BR>
><BR>
So the CoA server has to be listening or sending packet from port 3799 or <BR>
to port 3799?<BR>
<BR>
> If you are trying to use another context (i.e local only) then you must <BR>
> have the CoA server configured<BR>
> in local context and be able to send your CoA RADIUS packet to the <BR>
> configured port (acl permitting)<BR>
><BR>
> As quoted before, debug commands you may find helpful are:<BR>
><BR>
> debug aaa rad-packet<BR>
> debug aaa rad-coa<BR>
> debug aaa rad-attr<BR>
><BR>
><BR>
> Dave.<BR>
><BR>
> ------------------------------------------------<BR>
> David Freedman<BR>
> Group Network Engineering<BR>
> Claranet Limited<BR>
> <A HREF="http://www.clara.net">http://www.clara.net</A><BR>
><BR>
><BR>
><BR>
> -----Original Message-----<BR>
> From: redback-nsp-bounces@puck.nether.net on behalf of Insan Praja SW<BR>
> Sent: Thu 5/21/2009 22:07<BR>
> To: redback-nsp@puck.nether.net<BR>
> Subject: [rbak-nsp] HowTo Send Packet-of-Disconnect/Disconnect-Messages <BR>
> to a RedBack SE-800<BR>
> Hi List,<BR>
> I'm currently trying to send packet of disconnect/disconnect messages to <BR>
> a<BR>
> redback from a radclient. I tried with;<BR>
> $ echo "User-Name='someuser@somedomain.net'" | /usr/local/bin/radclient <BR>
> -c<BR>
> '1' -n '3' -r '3' -t '3' -x '172.30.23.254:3799' 'disconnect' <BR>
> 'somesecret'<BR>
> 2>&1<BR>
><BR>
> Results:<BR>
> radclient: no response from server for ID 32 socket 5<BR>
> Sending Disconnect-Request of id 32 to 172.30.23.254 port 3799<BR>
> User-Name = "someuser@somedomain.net"<BR>
> Sending Disconnect-Request of id 32 to 172.30.23.254 port 3799<BR>
> User-Name = "someuser@somedomain.net"<BR>
> Sending Disconnect-Request of id 32 to 172.30.23.254 port 3799<BR>
> User-Name = "someuser@somedomain.net"<BR>
><BR>
> the somedomain.net context on SE-800 has no "radius coa server"<BR>
> configured. Do I have to configured this first?<BR>
><BR>
> Thanks,<BR>
><BR>
><BR>
><BR>
> Insan Praja SW<BR>
Thanks,<BR>
<BR>
<BR>
Insan Praja SW<BR>
--<BR>
insandotpraja(at)gmaildotcom<BR>
_______________________________________________<BR>
redback-nsp mailing list<BR>
redback-nsp@puck.nether.net<BR>
<A HREF="https://puck.nether.net/mailman/listinfo/redback-nsp">https://puck.nether.net/mailman/listinfo/redback-nsp</A><BR>
<BR>
</FONT>
</P>
</BODY>
</HTML>