Is it possible to recognize clients not by their IP addresses?

Johan Meiring jmeiring at pcservices.co.za
Fri Nov 28 14:13:42 CET 2008


Hi,
 
With "dynamic clients" there is a (coming soon...) way to do it.
 
Alan is going to make the NAS-Identifier available in a future release to
the "dynamic clients" section.
 
When this has been done, you should be able to "authenticate a nas" using
the identifier/password.
 
Cheers,
 
Johan Meiring
Cape PC Services CC / Amobia Communications
Tel: (021) 883-8271 / (0861) AMOBIA
Fax: (021) 886-7782 / (0861) AMOFAX
  

-----Original Message-----
From:
freeradius-users-bounces+jmeiring=pcservices.co.za at lists.freeradius.org
[mailto:freeradius-users-bounces+jmeiring=pcservices.co.za at lists.freeradius.
org] On Behalf Of David Mitton
Sent: 27 November 2008 08:49 PM
To: freeradius-users at lists.freeradius.org
Subject: Re: Is it possible to recognize clients not by their IP addresses?



Absolutely not.

How does the RADIUS server know which NAS is talking to it?
It needs to know which secret to use.

Dave.


Nov 27, 2008 01:01:41 PM, freeradius-users at lists.freeradius.org wrote:


Hi!!
The format of ${raddbdir} /clients.conf defines NAS by its IP pool.
And what if I'd like to have a pool of NASes each using unique secret
but not to specyfy their IP or domain names to the freeradius config
files?
Is it possible to do so?

When I was trying to create 2 client sections for same IP pool but
diferent secrets only the second was working.
#clients.conf
client 0.0.0.0/0{
secret = test1
shortname = public1
}
client 0.0.0.0/0{
secret = test2
shortname = public2
}

And with such configuration sending requests with 'secret = test1'
always fails :(
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20081128/a1545896/attachment.html>


More information about the Freeradius-Users mailing list