Two 'secret' entries in clients.conf

jonr at destar.net jonr at destar.net
Mon Dec 31 22:12:50 CET 2007


Hello,

Our network group is going to be changing the 'secret' for all of  
their gear but they are going to do it in stages. I was wondering if  
there is a way to have two 'secret' entries in the clients.conf file.  
Leave the original until the change is complete and have the new  
'secret' also available for the devices that have changed their  
'secret'.

I saw in the wiki(http://wiki.freeradius.org/index.php/Clients.conf)  
this little bit of the config and was wondering if it would work. The  
only difference in the below portion of that page is one has a /24 and  
the other a /16 also the 'shortname' is different.

Can the two stanzas both have the same CIDR and can the 'shortnames'  
be the same or do they have to be different?

Thanks for any ideas,

Jon

#
#  You can now specify one secret for a network of clients.
#  When a client request comes in, the BEST match is chosen.
#  i.e. The entry from the smallest possible network.
#
#client 192.168.0.0/24 {
#	secret		= testing123-1
#	shortname	= private-network-1
#}
#
#client 192.168.0.0/16 {
#	secret		= testing123-2
#	shortname	= private-network-2
#}








More information about the Freeradius-Users mailing list