check-item NAS-IP-ADdress & Calling-Station-ID with openldap
Ivan Kalik
tnt at kalik.net
Mon May 11 13:28:41 CEST 2009
> I want to use FreeRadius to administer network equipement. I use also
> OpenLDAP to stock information about users. FreeRADIUS and OpenLDAP are
> installed on the same server FreeBSD 7.0.
> I contact a Network equipement (like catalyst cisco 2950 v12.1) with putty
> (ssh/telnet).
>
> I have 2 questions :
>
>
> - Why my calling-station-id in the request is a IP and not a MAC
> ?
Because you are using telnet/ssh. Same applies to VPN. PPPoE (wired and
wireless) request should have mac address in that field. Dial-up should
have phone number.
>
> - When I authenticate on the cisco 2950, I have in my log «
> rlm_checkval: Item Name: NAS-IP-Address, Value: À¨ » instead of
> 192.168.0.50, what is the problem ???
>
NAS-IP-Address can be forged. Use Client-IP-Address. I am not sure why did
it come out like that in checkval when elsewhere in the debug it looks OK.
Ivan Kalik
Kalik Informatika ISP
More information about the Freeradius-Users
mailing list