Cache for machine authentication

Alan DeKok aland at deployingradius.com
Fri Oct 4 22:39:13 CEST 2013


Garber, Neal wrote:
> Can someone tell me if it is possible in FR to cache in memory (for a
> short amount of time) Calling-Station-Id from successful machine
> authentications so that subsequent user authentications can test whether
> the user is connecting from an authorized device?  This is a feature
> that is available with Cisco ACS version 5 (using attribute
> Was-Machine-Authenticated) that I am trying to emulate in FR.

  My suggestion would be to use the "redis" module.

  Cisco ACS seems to do it internally, because it's a monolithic
application.  FreeRADIUS is built out of pieces.  We're not a database,
so we recommend using one where necessary.

  Alan DeKok.


More information about the Freeradius-Users mailing list