Forum Discussion

Nimbostratus

May 18, 2009

UDP Radius Client - Need Source IP

Hi, I'm presented with an interesting problem that I'm not sure how to attack. I'm working with a RADIUS environment (UDP ports 1812,1813)and trying to setup some basic ...

Employee

May 18, 2009

Hi,

Since the LTM preserves client source address by default, you likely have the LTM set up in a SNAT or "one-armed" configuration. If you are in a flat network, without SNAT, the packets will take an asymmetric path as I described in this post: Click here.

iRules can insert headers, but since there's no way to do an X-Forwarded-For header for RADIUS that I'm aware of (like there is for HTTP), your only choice may be to rearchitect the network such that the LTM is the default gateway for the RADIUS servers and you can remove the SNAT and go back to the default of preserving client source IP.

Denny

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

UDP Radius Client - Need Source IP

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

F5 Academies Are Back – And We’re Coming to a City Near You

Recent Discussions

Sending an HTTP request from iRule without delaying client requests

In F5 APM, how to include multiple DNS suffix?

Issue while migrating config from 4000s to r4600

Username is not filled in EdgeClient in the Modern customization

Cert Bundle Manager

Related Content

Load Balance UDP (Retain Source Client IP)

RADIUS update NAS-IP-Address

Radius External Monitor (Python)

ASM/WAF rate limit and block clients by source ip (or device_id fingerprint) if there are too many violations

The Power of Source Address

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS