Accepting any login attempt
aland at deployingradius.com
Thu Oct 5 17:07:41 CEST 2006
"John Williams" <john.williams at eurisp.co.uk> wrote:
> Someone did mention to me that you can auth a NAS so any auth requests
> coming from that NAS will be authenticated.
> Is this right?
Sort of, but for your purposes, no.
You *can* do:
DEFAULT Client-IP-Address == 18.104.22.168, Auth-Type := Accept
Which is "authenticate all requests from NAS 22.214.171.124". But it's no
different than the previous problems with Auth-Type := Accept.
The problem you're running into is not the NAS, it's the software on
the end user machine. It's doing MS-CHAP, and the NAS is just blindly
passing traffic back and forth.
Anyways, I explain this in more detail in my book. It should be
done by Christmas.
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Users