Alan DeKok wrote:
Phil Mayers wrote:If your NAS supply Message-Authenticator, you could refuse packets without one:Edit the "client" section and set "require_message_authenticator = yes".
Ah thanks - I didn't know about that
The recommendations of RFC 5080 have been implemented in FreeRADIUS. Sometimes years before any other RADIUS server. Apparently Radiator didn't do duplicate detection until RFC 5080... see their changelog for the 4.x series. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html