clients.conf - identifying a "client" - sql/ldap
Johan Meiring
jmeiring at pcservices.co.za
Mon Jul 28 11:55:14 CEST 2008
Hi,
I have the following setup.
Various clients (chillispot) behind broadband (read: dynamic IP)
connections.
Basically I am selling AAA services.
I would like to authotize a nas to use my services in the first place by
using the NAS-Identifier and the radius secret.
Both the NAS SQL table and the clients.conf file seem to identify the client
by IP address.
As my clients can be from ANY address, it seems that the only way is to
create an entry in clients.conf is as follows:
client 0.0.0.0/0 {
shortname = myclient
secret = abcde
}
This now implies again that all clients have to have the same secret.
I am using the perl modules, but according to another post you cannot use
perl as replacement for clients.conf.
Also the sql nas table simply mimics the clients. (I.e. still uses IP
address to find entry).
Is there any way to handle clients with dynamic IPs, and use the
NAS-Identifier and radius secret to allow/disallow the NAS?
Thanks!
Cheers,
Johan Meiring
Cape PC Services CC / Amobia Communications
Tel: (021) 883-8271 / (0861) AMOBIA
Fax: (021) 886-7782 / (0861) AMOFAX
More information about the Freeradius-Users
mailing list