Only if they've got the right secret. You need to check what each NAS is sending.... There may be something the request that you can key off for DB access... Eg if you have a decent deployment plan you might have the country or region locations or customer details etc alan On 22 Sep 2017 4:48 pm, "Ti Ti" <tt91em@gmail.com> wrote:
2017-09-22 17:30 GMT+02:00 Alan DeKok <aland@deployingradius.com>:
On Sep 22, 2017, at 11:10 AM, Ti Ti <tt91em@gmail.com> wrote:
My purpose is to obtain this result: A NAS, so the radius client, make an auth or acct request to the freeradius server; this server has to discriminate the requests using the nassecret
That's not how RADIUS works. You can't accept packets from random IPs, and "check the secret".
The secret isn't in the packet.
Thanks for the replies. Do you have any advice on what parameter can I use to discriminate the sql database instead of src-ip? As you described before
*>if (Packet-Src-IP-Address == client1) { *> *sql1 *>*}*
And in any case can I use 0.0.0.0/0 to accept packets from all the possible IPs? - List info/subscribe/unsubscribe? See http://www.freeradius.org/ list/users.html