distinction between users on different AP (talking to the same radius server)
Phil Mayers
p.mayers at imperial.ac.uk
Tue Nov 21 11:40:30 CET 2006
liran tal wrote:
> Hey everyone,
>
> I was just wondering for your opinion on this issue-
> I want to spread several access points in different locations (they all
> talk to a central radius) and then i want to distinct one location from
> another for example user foo can login from either location but id like
> to make the distinction from which ap he got connected from... whats the
> best way to do that?
The radius auth and accounting packets should contain Client-IP-Address
(which FreeRadius adds) which will differ between APs. The APs
themselves almost certainly will put one of NAS-IP-Address or
NAS-Identifier in the auth/acct packets, which again will allow you to
distinguish.
>
> I was thinking of one method which is to configure in each AP a
> different subnet mask for the DHCP allocations
> and then make the distinction based on that but I'm looking for a more
> elegant way.
Don't do that. Use the standard Radius attributes (NAS-IP-Address,
NAS-Identifier) or the Freeradius-supplied one (Client-IP-Address)
>
>
> Thanks guys,
> Liran.
>
>
> ------------------------------------------------------------------------
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list