clients.conf - identifying a "client" - sql/ldap
Alan DeKok
aland at deployingradius.com
Wed Aug 13 10:59:19 CEST 2008
Johan Meiring wrote:
>> Is there any way to handle clients with dynamic IPs, and use
>> the NAS-Identifier and radius secret to allow/disallow the NAS?
The current git tree has functionality that should do this. See
git.freeradius.org, and read raddb/sites-available/dynamic-clients.
The idea is to define the network 0.0.0.0/0 as you do now, and then
dynamically create the "client" definition the first time the server
receives a packet from that client. You can use "unlang" to check the
NAS-Identifier, and then define a shared secret for that NAS.
There are limitations, of course. See the configuration file for details.
Alan DeKok.
More information about the Freeradius-Users
mailing list