10 Jul
2012
10 Jul
'12
10:14 a.m.
On 10/07/12 14:56, perl-list wrote:
So basically, is there a setting that causes the FreeRADIUS server to not respond to Access-Request packets if the username contained there-in is not found in whatever database it is using?
If you're running a recent version of the server, and you configure it that way, it can to that. See the "do_not_respond" policy in "policy.conf". This is usually a bad idea unless you have a very good understanding of what you want to achieve. It's a particularly bad idea if you do it on some usernames and not others, as downstream clients (NAS or proxy clients) will mark the server dead based on untrusted input (the username).