DDNS problem
Krzysztof Olędzki
krzysztof.oledzki at axelspringer.pl
Wed May 30 01:08:02 CEST 2007
On 2007-05-30 00:28, Dennis Skinner wrote:
> Mati Katz wrote:
>> hello
>> i'm using the 1.1.5 version of freeradius.
>> i have problem i setup a client in clients.conf that is a host name
>> like fkatz.dyndns.org because my NAS has dynamic ip. When i try to
>> login at first time (i use DD-WRT + chillispot built-in) i succeeded
>> but after i receive new dynamic ip from my ISP the radius reject it
>> because he doesn't know the new ip.
>> The radius server works fine with IP static i tested.
>> Also i checked lookup and ping to the fkatz.dyndns.org after the
>> dynamic ip has changed and very fast it refreshs.
>
> The simple answer is don't use dynamic hosts.
>
> FreeRADIUS reads the clients file once at startup, resolves the IP's and
> then stores those. It won't know about the new IP until the daemon is
> restarted (or in theory HUP'ed when that is fixed).
>
> If you must use dynamic hosts, then you will need to specify an IP range
> like this:
>
> client 192.168.0.0/24 {
> secret = testing123-1
> shortname = private-network-1
> }
>
> That would allow a NAS to have any of 254 different IP's and still be
> able to talk to FreeRADIUS. It would also allow anyone else on those
> IP's who wants to talk to you NAS and can figure out the secret to
> potentially do naughty things.
Maybe "fastusers" with short hash_reload is able to solve that issue?
Pozdrawiam,
Krzysztof Olędzki
--
Krzysztof Olędzki
Axel Springer Polska Sp. z o.o.
tel: +48-22-2320969
fax: +48-22-2325530
More information about the Freeradius-Users
mailing list