Thanks for your prompt response Alan.
" .....An Access-Request SHOULD contain a User-Name attribute. It MUST contain either a NAS-IP-Address attribute or a NAS-Identifier attribute (or both)."
Can someone clarify this please?
It is a requirement on *client* implementations. It has no meaning for a RADIUS server.
What do you suggest that a RADIUS server do if it receives a "non-compliant" packet? Discard it? Reject it? ...
Yes, i came across a different vendor that Rejects requests without either of those mandatory attributes.
FreeRADIUS enforces security requirements. Nearly all of the other "MUST" statements are meant as "this is good practice". They can therefore be ignored. And they often *need* to be ignored for inter-operability with horrible vendor equipment.
I understand your point here; however in my opinion some vendors don't seem to be that flexible even when it comes to such client side requirements. Cheers,