NAS list and dynamic IP
Gunther
freeradius at caribsms.com
Mon Dec 12 23:47:14 CET 2005
I am running FR 1.0.5 using MySQL including the nas list in a table.
So far I have to use the same secret for a number of different NAS units
which are connected
to the Internet via a dynamic IP. My FR server is on the Internet and has to
accept connections from the various NAS units, which can be connected with a
variety
of different IPs. One ISP has several IP ranges and all of these addresses
have
to be recognised.
So far I am using a masked IP address as nas identifier (e.g.
123.123.0.0/16).
How can I use a unique secret for each NAS connected to the same ISP?
This is the fixed position format of the nas list in sql (rlm_sql.c):
/*
* Format:
* Row1 Row2 Row3 Row4 Row5 Row6 Row7 Row8
*
* id nasname shortname type ports secret community
description
*
*/
>From what I understand and experienced, the nasname must be either a DNS
resolveable name
or an IP address or IP range with netmask.
Since my nas clients are on dynamic IP addresses and the nas list will only
be read during
the radius startup, I am using IP addresses with netmasks.
Startup:
Sun Dec 12 13:03:44 2005 : Debug: rlm_sql_mysql: query: SELECT * FROM
phs_nas
Sun Dec 12 13:03:44 2005 : Debug: rlm_sql (sql): Read entry
nasname=123.123.0.0/16,shortname=MyShortName,secret=mySecretHere
Sun Dec 12 13:03:44 2005 : Debug: rlm_sql (sql): Adding client
123.123.0.0/16 (MyShortName) to clients list
... read nas next entry
Is there another way of handling dynamic NAS IP addresses and unique nas
secrets?
Gunther
More information about the Freeradius-Users
mailing list