Hi,
I have been using the hotspot on all of our monowall access points for a few years now with no problems. It has always worked very well.
We also have 12 sites all linked back to my NOC via IPSec tunnels using remote monowall units. All of the monowall boxes use separate Internet connections and query our main radius server via the WAN interface (server is hosted externally)
The problem
The other day I set up a radius server on our local network and set each of the monowall units up to use the local radius server to authenticate users on each hotspot. I also set a few remote star-os units up with hotspots as well. The star-os units are connected via the monowall IPSec tunnels back to the NOC.
What I have found is that the monowall boxes are unable to query the server at the other end of the IPSec tunnel. I have a monowall box on the same local network as the radius server and it works fine. So do all the remote star-os boxes. It is only the remote monowall boxes that are having the problem.
I use freeradius and I have monitored it while a few clients have tried to log in. The server does not even see the request. I can see the star-os units and the local monowall box all logging in users and sending accounting details.
I have set up the monowall hotspots to allow access for clients to access the internal radius server IP address. This has been tested and is working. All users can access there account details via http on the new radius server.
I can ping from each monowall unit back to the radius server, from the radius server to the monowall boxes and can administrate each unit via the IPSec tunnels.
All monowall units are wrap based except for the PC based one in my NOC. All versions are the same - V1.231
Any thoughts?
All settings have been checked, removed and reentered a few times and everything else is working fine.
Regards,
Dan
|
m0n0wall Forum > m0n0wall Support (English) > Bug Reports
Topic: Hotspot contacting radius server over IPSec tunnel