Hello,

I have some AS5350 voice gateways using an dummy radius server which has one "little" bug. It can be configured for a auth to listen on one port and for acct on another port, but, when a packet hits it having any source udp port of the sender IP it does not respond on the same udp port, but it sends the packet to the requester's ip with the destination udp port as the same port it received the request.

I don't know if anyone understands what I just wrote, so, let me give you an example :

as5350 with IP 1.1.1.1 with radius server 2.2.2.2 auth-port 1645 acct-port 1646 scenario:

1.1.1.1.1645 > 2.2.2.2.1645

2.2.2.2.1645 > 1.1.1.1.1645

(If as5350 sends the auth request using local udp port 1645, auth works fine)

1.1.1.1.21645 > 2.2.2.2.1645

2.2.2.2.1645 > 1.1.1.1.1645

(If as5350 sends the auth request using another local udp port than the auth-port of my radius, auth fails because the dummy radius sends the packet back using the destination udp port 1645).

Using IOS Versions 12.2 XB, everything is OK, the as5350 sends its requests from udp port 1645 always.

Using IOS Versions > 12.2(11)T, AS5350 sends its requests using udp port 21645. The quick fix should have been to change the radius acctport to 21645, which I did, and everything was OK for about 10 minutes. After that, AS5350 started sending requests using udp port 21646 so I had no auth.

I could not determine how it changes the source udp port, but the problem is that it does.

My Question :

IS There any way for me to make my AS5350 using IOS 12.3(2)T to send auth and acct packets to my radius server using a non-changing source udp port ?