Re: CSS and Keepalive Script for Radius

Sbutzek · ‎09-09-2005

Hello,

has anyone implemented, a keepalive script, to query a radius server via UDP?

Sven

jfoerster · ‎09-09-2005

Hi Sven,

I guess this will be sort of a problem as you have to implement the security of radius shared secret. Therefor I think only probing the port will be available no real radius probing except you do it via a dummy service on a server triggering a real radius request. The dummy service needs to be triggerd by the CSS/CSM.

Hope that helps.

Kind Regards,

Joerg

Sbutzek · ‎09-09-2005

Hello Joerg,

i think you are right.

But how can i probe a UDP Port, where Radius is running?

lindacitron · ‎12-08-2005

Sven,

Did you ever figure out how to do probe the Radius UPD port? I now have to do the same thing.. Any help would be very appreciated.

Thanks

Linda

Sbutzek · ‎12-09-2005

Hello Linda,

not really. I think the only pussible thing is, to send data to the UDP Port an see if an icmp unreachable will be returned.

If not, the application should be running.

But i am not sure, how to detect a icmp unreachable, so we did change to a simple icmp request.

Sven

Gilles Dufour · ‎12-09-2005

what you could do is capture a sniffer file a querry going to the radius server.

Then, convert the querry to hexadecimal and create a script to send raw data using the hexadecimal.

To the same thing with the response to the same querry. and in your script verify that the response you received is a match again using raw data and hex data.

Regards,

Gilles.