Forward Radius Authentication Request To A URL

Question

The following isn't forwarding the Radius Authentication request to the URL.  Does anyone have any idea why it's not working?
&nbsp;If a connection from 10.185.186.1 arrives to the F5, on utp port 1812,  forward the reqeuest to the URL.&nbsp;&nbsp;
&nbsp;when CLIENT_LINE {
&nbsp;     if { [IP::addr [IP::client_addr] equals 10.185.186.1] } {
&nbsp;     set URL ""
&nbsp;     log local0. "Client redirected, IP: [IP::client_addr]"
&nbsp;}
&nbsp;}

hamish · Answer

UTP? You mean UDP? (RADIUS us usually udp/1812).  
&nbsp;  
&nbsp; I think you're a bit confused here... 
&nbsp;  
&nbsp; For a start, RADIUS isn't HTTP... So you can't just redirect a UDP packet to an HTTP URL (Which usually implies a TCP connection). If you simply want to direct a particular client to one IP address, then depending on whether that pool member is in the default pool, you could simply select that pool member on the client ip...  Or do something else...  
&nbsp;  
&nbsp; Post more info on what you're actually trying to do, we might be able to provide some suggestions. 
&nbsp;  
&nbsp; H

bknwe_10326 · Answer

Actually I have two issues.  But, here I'm concerned about the Irule: 
&nbsp;  
&nbsp; 1.  Irule:  An external device is authenticating via Raduis UDP to our primary site.  But, we also need it to authenticate to our secondary site.  If I put in the URL (on the internal GTM, that will has both of the radius virtual servers), the device automatically picks up the primary virtual server - the device won't allow me to input the URL on the GTM.  Maybe using this URL isn't possible, since I'm using radius UDP?Since both radius devices are at different sites, I can't use a pool member.  It looks like I have to use the GTM/Irule? 
&nbsp; Do you know if this is possible with an irule?  Maybe I'm wasting my time....... 
&nbsp;  
&nbsp; 2.  Issue 2 is that I need to configure a virtual server with UDP radius. 
&nbsp;  
&nbsp; Thanks

bknwe_10326 · Answer

Actually I have two issues.  But, here I'm concerned about the Irule: 
&nbsp;  
&nbsp; 1.  Irule:  An external device is authenticating via Raduis UDP to our primary site.  But, we also need it to authenticate to our secondary site.  If I put in the URL (on the internal GTM, that will has both of the radius virtual servers), the device automatically picks up the primary virtual server - the device won't allow me to input the URL on the GTM.  Maybe using this URL isn't possible, since I'm using radius UDP?Since both radius devices are at different sites, I can't use a pool member.  It looks like I have to use the GTM/Irule? 
&nbsp; Do you know if this is possible with an irule?  Maybe I'm wasting my time....... 
&nbsp;  
&nbsp; 2.  Issue 2 is that I need to configure a virtual server with UDP radius. 
&nbsp;  
&nbsp; Thanks

Forum Discussion

Forward Radius Authentication Request To A URL

3 Replies

Recent Discussions

Can iRule mask the payload content on event logs of security

minimum tmos software version for connect CIS (openshift)

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5 Rseries HA

Need advise to setup a policy on F5

Related Content

Distributed caching of authentication requests with NGINX Ingress Controller

SSL Orchestrator Advanced Use Cases: Forward Proxy Authentication

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

Doing mTLS Authentication per URL

Application Programming Interface (API) Authentication types simplified