Hi,
I may be writing this in the wrong area but hopefully not.
We are using a CentOS server running freeradius for proxy authentication. In other words the WLC forwards the authentication request to this AAA server, which in turn proxys the requests to a national Radius Server.
Normally this system is bullet proof, however, we are now seeing an issue on the firewall regarding the UDP packets as shown below:
Built inbound UDP connection 740092071 for eduroam_clients:193.168.223.251/7938 (193.168.223.251/7938) to
internet:103.240.141.54/6000 (103.240.141.54/6000)
Having checked these addresses they belong to : Germany (193 address) and Hong Kong (103 address).
Thousands of these are being received per second but when the interface on the firewall is shutdown, all is okay again.
Has anyone seen this behaviour before, or at least be able to tell me why turning on the interface would produce these results?
Thanks
I may be writing this in the wrong area but hopefully not.
We are using a CentOS server running freeradius for proxy authentication. In other words the WLC forwards the authentication request to this AAA server, which in turn proxys the requests to a national Radius Server.
Normally this system is bullet proof, however, we are now seeing an issue on the firewall regarding the UDP packets as shown below:
Built inbound UDP connection 740092071 for eduroam_clients:193.168.223.251/7938 (193.168.223.251/7938) to
internet:103.240.141.54/6000 (103.240.141.54/6000)
Having checked these addresses they belong to : Germany (193 address) and Hong Kong (103 address).
Thousands of these are being received per second but when the interface on the firewall is shutdown, all is okay again.
Has anyone seen this behaviour before, or at least be able to tell me why turning on the interface would produce these results?
Thanks
