Authorising Clients by Calling Station ID Not IP

Fajar A. Nugraha list at
Mon Oct 24 11:02:27 CEST 2011

On Mon, Oct 24, 2011 at 3:47 PM, JennyBlunt <jennyshoehorn at> wrote:
> Hi,
> Huntgroup-Name := "%{sql:SELECT `groupname` FROM `radhuntgroup` WHERE
> nasipaddress='%{NAS-IP-Address}'}"
> The mysql query then looks like this:
> SELECT `groupname` FROM `radhuntgroup` WHERE nasipaddress=''
> If I use packet-src-ip-address, the query is fine.
> Replacing with called-station-id renders nothing as well.
> Does this have something to do with the dynamic clients??

It shouldn't.

What does the debug log show? What attributes were sent by the NAS in
access-request packet? says "Either
NAS-IP-Address or NAS-Identifier MUST be present in an Access-Request

so if your NAS sends neither, it's broken.


More information about the Freeradius-Users mailing list