I am trying to deal with an issue that has arisen on several of our IAS
servers. The servers all have dual ethernet interfaces that are bound
into a single bridged connection. In addition to the default IP which
is assigned to the bridge, each bridge has several additional IPs bound
to it. Different virtual sites are accessed on the different IPs.
For TCP connections, this functions fine. Incoming traffic to a
specific IP is responded to from that IP.
The problem occurs with UDP traffic, specifically radius responses
from IAS. Regardless of the IP that the original radius response came
in on, the server always responds from the base IP of the bridge. I
have tried to find a way to a) get IAS/Windows to set the src ip on the
outgoing radius response to match the incoming radius request, or b)
have the radius responses all originate from some ip that is different
from the base ip of the adapter.
Is there any way to accomplish either of these two solutions? I've
looked on the Net and TechNet, but so far no luck. I'd hate to have to
throw an extra Linux box in front of the radius servers just to correct
the source IP.