I am using freeradius since four years and I used PPTP/L2TP tunnel for autenticating users against my RADIUS servers with one of my NAS has a dynamic IP (xDSL). However, I can not rely on these connections and the connectivity sometimes fall down and the tunnel, too.
I have some reasons for not to use dyndns or this kind of services.
I decided to autenticate my NAS using only the shared key:
client 0.0.0.0/0 { secret = same_secret_for_eveyone shortname = my_network }
I recognize a problem with DoS attack to my DB.
I can not autenticate the client IP because I have xDSL with dynamic IP. Do you know some other solucion instead of autenticating the public IP in the authorize step?
Yes. Use 2.1.1. Have a look at raddb/sites-available/dynamic-clients. Ivan Kalik Kalik Informatika ISP