Freeradius-Users Digest, Vol 25, Issue 140

Mati Katz matikatz at gmail.com
Wed May 30 14:08:14 CEST 2007


>
>
>
> >The simple answer is don't use dynamic hosts.
>
> >FreeRADIUS reads the clients file once at startup, resolves the IP's and
> >then stores those.  It won't know about the new IP until the daemon is
> >restarted (or in theory HUP'ed when that is fixed).
>
> >If you must use dynamic hosts, then you will need to specify an IP range
> >like this:
>
> >client 192.168.0.0/24 {
> >       secret          = testing123-1
> >      shortname       = private-network-1
> >}
>
> >That would allow a NAS to have any of 254 different IP's and still be
> >able to talk to FreeRADIUS.  It would also allow anyone else on those
> >IP's who wants to talk to you NAS and can figure out the secret to
> >potentially do naughty things.


   Thanks Dennis, i understand what you say but i thought that there is a
way to use dynamic Dns because not all people have static IP , here in
Israel at least.
I understand that using a range of Ip is not secure , isn't it ?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070530/d6984e28/attachment.html>


More information about the Freeradius-Users mailing list