Multiple secrets for 0.0.0.0/0
Teófilo Ruiz Suárez
teo at fon.es
Wed Feb 1 11:24:11 CET 2006
Hi,
Joe Maimon escribió:
>
>
> Alan DeKok wrote:
>
>> Joe Maimon <jmaimon at ttec.com> wrote:
>>
>>> Whats wrong with trial and error?
>>
>>
>> Yuck.
>
> Probably.
>
>>
>> It also opens the door to "any one of umpteen secrets".
>>
>> I would like to know what the underlying requirements are, as
>> there's probably a better way of doing this.
>
> Dont know what his requirements are, but the ability to allow any client
> in the world to authenticate to my server with any one of X secrets,
> thereby allowing me to associate them to client Y as opposed to client Z
> is very usefull wherever the IP address range describing the source
> of client Y and client Z might overlap.
That's actually what I need, more than one secret for different phases
of a deployment. That way I know how many clients of the first phase (ie
secret) are authenticating, deactivate those clients, etc.
Another solution, for the moment, is running an aditional freeradius
server on one of the other IPs assigned to my box. Using the same MySQL
database, if it's not a problem.
Thank you in advance,
--
Teófilo Ruiz
FON - http://es.fon.com
More information about the Freeradius-Users
mailing list