Hello Phil
On 10/24/2011 08:06 PM, Jennyanydots Napoleon Shoehorn wrote:
> The ultimate intention was to use the mac address of the nas and a nas
> specific shared secret.
Do you really need a per-NAS secret?
>
> In your opinion, are there better ways to deal with dynamic clients?
"It depends". Can you describe your setup in any detail?
If you've got untrusted clients on IP addresses you don't control and
can't know ahead of time, then it's really hard. The best solution is
"don't do that".
If your NAS and network topology support it, things like VPN tunnels
from NAS->radius server with IP assignment might be one option.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
If you reply to this email, your message will be added to the discussion below:http://freeradius.1045715.n5.nabble.com/Authorising-Clients-by-Calling-Station-ID-Not-IP-tp4883866p4933898.htmlTo unsubscribe from Authorising Clients by Calling Station ID Not IP, click here.