Radius Moving IP Address

When moving a radius service from one machine to another I had to do the following:

On the first machine bring down the IP address:

ifconfig eth0 down

On the new machine, create a file for the new IP address:

vi /etc/sysconfig/network-scripts/ifcfg-eth0:1


DEVICE=eth0:1
BOOTPROTO=static
HWADDR=00:16:3E:6D:BD:63
IPADDR=123.111.1.2
NETMASK=255.255.255.0
NETWORK=123.111.1.0
ONBOOT=yes

And bring up the interface with:

/etc/init.d/network restart

or

ifconfig eth0:1 up

It may take a few minutes for the Arp-Ip tables on the switches to update but issuing the following may help (where 123.117.1.2 is the new IP address the Arp of which you want to advertise to the switches):

arping -U -I eth0 123.117.1.2

Then test the radius response using NTRadPing or the following:

echo "User-Name=33-22-BA-14-A2-F8,Password=testing123" | radclient -t 2 123.111.1.2:1812 auth testing123
radclient: received response to request we did not send. (id=241 socket 3)
radclient: received response to request we did not send. (id=241 socket 3)
radclient: received response to request we did not send. (id=241 socket 3)
radclient: no response from server for ID 241 socket 3

Oops I forgot to configure Radius to listen on the new IP address so edit /etc/raddb/radius.conf and set the bind_address value:

bind_address = 123.111.1.2

On Freeradius version 2 the line is:

ipaddr = 123.111.1.2

Test it again:

echo "User-Name=33-22-BA-14-A2-F8,Password=testing123" | radclient -t 2 123.111.1.2:1812 auth testing123

Hopefully a succesful response like this:

Received response ID 164, code 2, length = 20

Leave a Reply

  • (will not be published)

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>