| *** nowen (~nowen@50-194-249-125-static.hfc.comcastbusiness.net) has joined #wikid | 12:51 | |
| *** coolacid (~CoolAcid@unaffiliated/coolacid) has joined #wikid | 17:49 | |
| *** nowen has quit (Remote host closed the connection) | 18:18 | |
| *** nowen (~nowen@50-194-249-125-static.hfc.comcastbusiness.net) has joined #wikid | 18:18 | |
| nowen | hello | 18:25 |
|---|---|---|
| *** Angel__ (8ad220aa@gateway/web/freenode/ip.138.210.32.170) has joined #wikid | 18:31 | |
| Angel__ | Hey Nick, you there? | 18:32 |
| nowen | yep | 18:32 |
| nowen | glad you made it | 18:32 |
| Angel__ | How are ya? | 18:32 |
| nowen | good. you? | 18:32 |
| Angel__ | Ok this week we are moving buildings arg. I don't know if you ever received my email with a support question. | 18:33 |
| nowen | yes, I responded asking if there was more than one network client using radius | 18:33 |
| nowen | we're moving next week. not a lot of fun | 18:34 |
| Angel__ | Sorry I missed that email. At the moment I have several configured but only one actually being used. | 18:35 |
| nowen | due to limitations of radius, you can only have one network client per domain. | 18:36 |
| nowen | we're looking for a fix, but I'm not sure when or even if it will work | 18:36 |
| Angel__ | We do have a second domain configured and wanted the second network client to use it. | 18:37 |
| nowen | well, that should work fine | 18:37 |
| Angel__ | So yes we are trying the configuration of one network client per domain. | 18:37 |
| nowen | hmm | 18:37 |
| Angel__ | IF you notice the image in the email showing our Domains there should be two | 18:38 |
| nowen | ojk | 18:40 |
| nowen | ok | 18:40 |
| nowen | user is enabled? | 18:41 |
| Angel__ | On the Notice where my user account is showing enabled. | 18:41 |
| nowen | the .55 IP address is the 2nd network client? | 18:44 |
| Angel__ | .53 | 18:44 |
| nowen | the log is showing the request coming from .55, so it's checking against the domain associated with that network client | 18:45 |
| Angel__ | ignore | 18:45 |
| Angel__ | So what you were saying is that I would need to have another network client with a separate IP | 18:46 |
| nowen | yes | 18:46 |
| Angel__ | The network client would not be able to use the same IP is that correct. | 18:46 |
| nowen | correct | 18:46 |
| nowen | radius uses the NAS IP to analyze the packets | 18:47 |
| Angel__ | Ok I will configure our Netscaler with a second IP on the same subnet then. | 18:48 |
| nowen | that should work | 18:52 |
| Angel__ | Can you take a look at the email I just sent Nick? Thanks. | 19:01 |
| nowen | looks ok - did you create a second one for the netscaler? | 19:03 |
| nowen | and restart the wikid service afterward? | 19:04 |
| Angel__ | the one that says cl-ns-2 should be the second one. I have not put that ip on the Netscaler yet. I am doing a TCPDUMP from the WiKID server and noticed that the RADIUS traffic is flowing through the .55 | 19:06 |
| Angel__ | The problem is that yesterday I changed that to domain External2 | 19:06 |
| Angel__ | But seemingly users associated with -External seem to be passing through to the .55 | 19:07 |
| Angel__ | Am I missing something? | 19:07 |
| Angel__ | Is it because I did not restart the WiKID services? | 19:08 |
| nowen | I'm confused - you haven't up the cl-ns-2 ip address on the netscaler yet? | 19:08 |
| Angel__ | No | 19:08 |
| nowen | then traffic can't be coming from it, right? | 19:09 |
| Angel__ | Because I have been trying to figure out what path WiKID is sending RADIUS inquiries to so I know which IP is actually being used. | 19:09 |
| Angel__ | I'm just further confused by the fact that it's using .55 which I originally did have on -External domain and for testing changed it to the -External2 domain | 19:10 |
| Angel__ | Unless the services require a restart when changing the Network client configurations. Is that true? | 19:11 |
| nowen | that is true | 19:11 |
| nowen | but | 19:11 |
| nowen | radius uses whatever IP the traffic is coming | 19:11 |
| nowen | from | 19:11 |
| nowen | so, if tcpdump shows it coming from .55, it will use the network client mapping it finds first | 19:11 |
| nowen | so, I think you need to add the IP to the netscaler and restart wikid, Angel__ | 20:12 |
| *** nowen has quit (Quit: Leaving.) | 21:25 | |
Generated by irclog2html.py 2.11.0 by Marius Gedminas - find it at mg.pov.lt!