Res: Res: Res: NAS-IP-Address

[Erico Augusto]

Let I explain better ...
I'm configuring WPA, so the Access Point sends Access-Request RADIUS packets to freeradius, with the Client-IP-Address 10.10.10.1(that is the Access Point IP Address, configured manually), to authenticate user.
freeradius receives Client-IP-Address from Access Point. No doubt about that.

All what I'm trying to do is send Client-IP-Address, after DHCP server assigns one to the client(10.10.10.30, for example), via Post-Auth, to my application, so that it can be possible to configure the firewall, allowing the traffic from the host with Client-IP-Address.

Thanks,

Erico.

----- Mensagem original ----
De: Alan DeKok <aland at deployingradius.com>
Para: FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Enviadas: Quarta-feira, 4 de Abril de 2007 18:27:42
Assunto: Re: Res: Res: NAS-IP-Address

Erico Augusto wrote:
> during authorize phase, client doesn't have an IP (configure to DHCP),
> so the Access-Point fills the Client-IP-Addess with its own
> IP(NAS-IP-Address - 10.10.10.1).

  No.

  Client-IP-Address is the address of the RADIUS client that sent the
UDP packet.  It is added by FreeRADIUS, and is internal to the server.
It has no meaning outside of FreeRADIUS.

  The rest of your questions can be answered by saying that the
attribute is internal to FreeRADIUS, and isn't what you think it is.
Therefore, it doesn't have the problems you think it has.

  Alan DeKok.
--
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html






__________________________________________________
Fale com seus amigos  de graça com o novo Yahoo! Messenger 
http://br.messenger.yahoo.com/ 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070405/85012d82/attachment.html>