Can it? I am having a problem with a hotspot that is NATed onto another network not being able to contact the radius server? Im pretty sure everything is setup right I can reach the server and I have added the NAT ip of the NAS(MT) to the freeradius server. Thanks in advance for any advice?
Yes RADIUS accounting and authentication packets can be NAT’ed as they are UDP packets and IP address information is not in the payload.
It sounds like in your case you have a MT Hotspot behind a firewall that is doing src-nat. In this case you need to make sure your FreeRADIUS server has the shared secret for that MT using the IP that the FreeRADIUS server will see from the Firewall rather than the MT Hotspot. The firewall has to be configured to dst-nat the RADIUS packets from the FreeRADIUS server into the MT as well.
Thanks. I guess it does need an incoming connection if dst-nat rule is needed on the firewall? Thats probably my problem. Will check it out 