IP Pool management and Re-authentication
Thibault Le Meur
Thibault.LeMeur at supelec.fr
Tue Mar 20 18:11:12 CET 2007
Hi,
I'm using a system (openvpn) with 'radiusplugin' to let FR authenticate
users and manage IP Pools.
Openvpn sometimes needs to renegotiate the connections and thus sends
authentication requests while the connection is still active (with an
already assigned IP address): this causes FR to assign a new IP address from
the pool (which seems normal since FR has no way to know this is a
renegotiation).
I'd like to patch the openvpn-radiusplugin so that an extra attribute is
sent in the Access-Accept packets so that FR will be able to differentiate
Initial and Renegociation Access-Accept requests and only assign new IP
address from the pool on Initial Access-Accept requests.
Do you know a standard Radius attribute that could be used for this ?
As far as you know, are there other NASes using such a quirk ? Does this
make sense ?
Thanks in advance,
Thibault
More information about the Freeradius-Users
mailing list