Authorising Clients by Calling Station ID Not IP
Fajar A. Nugraha
list at fajar.net
Mon Oct 24 11:02:27 CEST 2011
On Mon, Oct 24, 2011 at 3:47 PM, JennyBlunt <jennyshoehorn at me.com> wrote:
> Hi,
> Huntgroup-Name := "%{sql:SELECT `groupname` FROM `radhuntgroup` WHERE
> nasipaddress='%{NAS-IP-Address}'}"
>
> The mysql query then looks like this:
>
> SELECT `groupname` FROM `radhuntgroup` WHERE nasipaddress=''
>
> If I use packet-src-ip-address, the query is fine.
>
> Replacing with called-station-id renders nothing as well.
>
> Does this have something to do with the dynamic clients??
It shouldn't.
What does the debug log show? What attributes were sent by the NAS in
access-request packet?
http://freeradius.org/rfc/rfc2865.html#NAS-IP-Address says "Either
NAS-IP-Address or NAS-Identifier MUST be present in an Access-Request
packet."
so if your NAS sends neither, it's broken.
--
Fajar
More information about the Freeradius-Users
mailing list