Alan, Thanks for your explanation. -- Igor Sousa Em seg., 5 de set. de 2022 às 19:18, Alan DeKok <aland@deployingradius.com> escreveu:
On Sep 4, 2022, at 9:50 AM, Igor Sousa <igorvolt@gmail.com> wrote:
I googled it more and I found this post
https://lists.freeradius.org/pipermail/freeradius-users/2014-August/073292.h...
(yeah, I know this happened 8 years ago).
The documentation is always up to date. There's no need to google things.
I've understood that the rlm_raw module is necessary to access the Called-Station-Id attribute on site-enabled/dynamic-clients (
https://lists.freeradius.org/pipermail/freeradius-users/2015-March/076430.ht...
and , but you warned us to not use the rlm_raw module. I don't find this module in https://freeradius.org/modules/.
Because it's a third-party module which isn't supported.
Then, is it possible to access NAS MAC addresses in dynamic-clients configuration in Freeradius 3.2?
No.
RADIUS client are always keyed off of IP addresses. What people usually want is to key off of MAC address, and then do that on a per-packet basis. That's just not possible.
If you want to key off of NAS identity instead of IP address, use radsec. (RADIUS over TLS). That's what it's for. You can verify the client certificate of the NAS. In which case you don't care about its' IP address, or its MAC address.
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html