-3

I am trying to connect to the RADIUS port in one of my projects. The RADIUS port is 1812, opened on the RADIUS server. I added this port to iptables (IP NATing) using:

    /sbin/iptables -t nat -A PREROUTING -p udp -s 0/0 -d 172.25.X.X/32 --destination-port 1813 -j REDIRECT --to-ports 58440

After this, when I execute my script and run netstat -anp, I am unable to see the port opened on my system. What am I doing wrong here?

MadHatter
  • Did you start radiusd on port 58440? You're also, according to your iptables command, redirecting port 1813 to 58440, but earlier you say the RADIUS port is 1812 - confusion reigns. – user9517 Feb 24 '15 at 07:14
  • Ya, I started it on 58440, and the destination port for my RADIUS server is 1812. It was not working with 1812, so I am trying with 1813, but it's still not working. – Sagar Shahabade Feb 24 '15 at 07:56
  • Why are you changing the listen port and putting in this iptables rule? This appears to be completely unnecessary. – Michael Hampton Feb 24 '15 at 13:14

2 Answers

2

From the information provided, it seems that amongst other things, radiusd is not listening on port 58440. The first thing to do is to fix that.

  • Check your logs for relevant error messages.
  • Run radiusd in debug mode: radiusd -X

Once you fix that then it should be easy to solve any additional problems you have.

user9517
0

You haven't made it clear which port you expect to see "opened", but if you expect iptables to start listening on 1813 (or 1812), that is not how it works.

You will only see ports that actually have a process bound to them in the kernel. iptables actually redirects each packet to the new port; it doesn't start listening on that port and act as a proxy to the actual port.

fukawi2
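The check both answers point to, as an added example that is not part of the original thread: for each UDP REDIRECT rule, look for a bound socket on the `--to-ports` target rather than on the matched port. The function name `check_redirects`, the address 192.0.2.10, the PIDs and both sample tables are constructed for illustration.

```bash
#!/usr/bin/env bash
# Constructed sample of `iptables-save -t nat` output (192.0.2.10 is a placeholder).
SAMPLE_RULES='*nat
-A PREROUTING -d 192.0.2.10/32 -p udp -m udp --dport 1813 -j REDIRECT --to-ports 58440
-A PREROUTING -d 192.0.2.10/32 -p udp -m udp --dport 1812 -j REDIRECT --to-ports 58441
COMMIT'

# Constructed sample of `netstat -anup` output: only 58440 has a process bound.
SAMPLE_SOCKETS='Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
udp        0      0 0.0.0.0:58440           0.0.0.0:*                           1234/radiusd
udp        0      0 127.0.0.1:323           0.0.0.0:*                           801/chronyd'

# check_redirects RULES SOCKETS  (hypothetical helper)
# Prints "<matched port>-><target port> LISTENING|NO_LISTENER" per UDP REDIRECT rule.
# The matched port (1812/1813) never shows up in netstat; only the target can.
check_redirects() {
  { printf '%s\n' "$2"; echo '--RULES--'; printf '%s\n' "$1"; } | awk '
    $0 == "--RULES--" { in_rules = 1; next }
    # Socket table: remember every local UDP port that has a bound socket.
    !in_rules && $1 ~ /^udp/ { n = split($4, a, ":"); bound[a[n]] = 1; next }
    # Rule table: pull the matched port and the redirect target out of each rule.
    in_rules && /-j REDIRECT/ && /-p udp/ {
      dport = to = ""
      for (i = 1; i < NF; i++) {
        if ($i == "--dport" || $i == "--destination-port") dport = $(i + 1)
        if ($i == "--to-ports") to = $(i + 1)
      }
      printf "%s->%s %s\n", dport, to, ((to in bound) ? "LISTENING" : "NO_LISTENER")
    }'
}

# Run against the constructed samples. On a live host (as root) the inputs
# would be "$(iptables-save -t nat)" and "$(netstat -anu)".
check_redirects "$SAMPLE_RULES" "$SAMPLE_SOCKETS"
```

A `NO_LISTENER` line means redirected packets arrive at a port nobody is bound to, which is the situation to resolve first with the daemon's logs or `radiusd -X`.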