Authenticate users from multiple realms on the same NAS
Francois-Xavier GAILLARD
fx.gaillard at thefox.com.fr
Sat Aug 12 01:06:38 CEST 2006
Le Fri, Aug 11, 2006 at 06:09:21PM -0400, Alan DeKok ecrivait:
> Francois-Xavier GAILLARD <fx.gaillard at thefox.com.fr> wrote:
> > It's a bit tricky, any easier way Alan ?
>
> I'm not sure... the main problem is that multiple people with the
> same name are dialing into the same NAS equipment. So they really are
> the "same" person, but with many possible valid passwords.
>
> It's a hard problem to solve cleanly.
And I'm not even sure my solution works. It's easy to look for
Called-Station-Id, but how would one look for Called-Station-Id if
it's not there (DSL users).
Maybe he should configure the NASes to send different NAS-IP-Address
according to wheter it's a dialup user or a DSL user, using different
loopback addresses, and then rewrite User-Name using NAS-IP-Address
attribute.
Regards,
Fox.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060812/1f8f1f9f/attachment.pgp>
More information about the Freeradius-Users
mailing list