This is very interesting, really appreciate the replies. Other than using a VPN, how do other wifi providers actually operate securely? J On 24 Oct 2011, at 21:04, Phil Mayers wrote:
On 10/24/2011 08:45 PM, JennyBlunt wrote:
Hello Phil
I guess we don't need a per NAS secret but thought it might help block any customers we don't need.
We have a load of wifi hotspots on dynamic ips. We know all their nas
Ok, that's about the hardest case I'm afraid.
If you have the option of using something like a tunnel (IPSec) to bring the NASes into your network and give them local IPs I would take it.
If not, then an out-of-band solution might work.
There's no easy answer here I'm afraid. It will depend on the numbers and vendor of your NAS, the capabilities they have and lots of other factors.
In an ideal world, radius-over-TLS (RadSec) would solve this problem but it's basically guaranteed your NASes don't support it (nothing does yet, and possibly never will for NAS->Server traffic). - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html