Multiple secrets for 0.0.0.0/0
Joe Maimon
jmaimon at ttec.com
Wed Feb 1 00:23:47 CET 2006
Alan DeKok wrote:
> Joe Maimon <jmaimon at ttec.com> wrote:
>
>>Whats wrong with trial and error?
>
>
> Yuck.
Probably.
>
> It also opens the door to "any one of umpteen secrets".
>
> I would like to know what the underlying requirements are, as
> there's probably a better way of doing this.
Dont know what his requirements are, but the ability to allow any client
in the world to authenticate to my server with any one of X secrets,
thereby allowing me to associate them to client Y as opposed to client Z
is very usefull wherever the IP address range describing the source
of client Y and client Z might overlap.
The ip address range in question need not actually be 0/0.....
This allows me to have specific configurations for this client, cancel
service to only one of the "entities" and to upgrade/change the secret
without requiring a flag-day event.
>
> Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
More information about the Freeradius-Users
mailing list