RADIUS server using APM to authenticate users
Updated Jun 06, 2023
Version 2.0Was this article helpful?
This is very nice work. It seems though [RADIUS:id] returns an integer, but in the format string you are interpreting it as a 2 digit hexidecimal. When I test this using radtest tool, I get error messages like "radclient: received response to request we did not send. (id=16 socket 3)". I'm on version 12.1.2. I overcame this by changing those two format strings at the end of your iRule from cH2S... to ccS...
In comparing the features of this iRule to those of node-radius. I'm wondering if there is a need to verify "Message-Authenticator" in the request and also generate one for the response? Or is that just overkill?