RADIUS server using APM to authenticate users
Problem this snippet solves: this code convert APM policy to a RADIUS server.
Code description
When a Radius request is accepted by the VS:
the radius client IP address is checked against a...
Updated Jun 06, 2023
Version 2.0
Stanislas_Piro2
Cumulonimbus
Cumulonimbus
Kai_Wilke
MVP
MVPHi Stanislas,
1.) I prefer to check if at least 20 bytes are received instead of starting to parsing the outer protocol encapsulation and then count the resulting fields, but its a personal preference.
2.) I'm glad you found out that the UDP-layer needs some attention too, to make the Radius Server RFC compliant and also stable enough for OTP operations. I recommend to use the algorythm mentioned in RFC 5080 to maintain the caches...
In addition to that...
1.) Learn the small but important difference between a signed and unsigned integer.
2.) Test your iRule with the UDP payloads below and watch your TMM entering an endless
[for]set PAYLOAD "\x01\xff\x00\x18\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x01\x02\x01\xfe"
set PAYLOAD "\x01\xff\x00\x16\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x01\x00"
3.) Make sure to spent me a beer during the next MVP summit for pointing out some coding flaws... 😉
4.) And spent me another beer to get a free copy of my iRule based Radius Server stack... 😉
Cheers, Kai