Freeradius-Users Digest, Vol 49, Issue 93
Ivan Kalik
tnt at kalik.net
Wed May 20 15:47:44 CEST 2009
>
>>What does that mean? IP of the original NAS packet?
>
> I have 2 interfaces towards the network.
>
> ____________________________________________________________________________
> Radius Client --> Radius Proxy
> 192.168.1.2 192.168.1.3 192.168.14.3 --> IPS1(192.168.14.4)
> 192.168.24.3 --> IPS2(192.168.24.4)
> ____________________________________________________________________________
>
> Steps:
> 1)Radius Client ---> Send packet with NAS-IP-Address = 192.168.1.2
> towards Radius Proxy.
> 2)Radius Proxy changes NAS-IP-Address with 192.168.14.3 for IPS1(or
> 192.168.24.3 for IPS2) and sends it.
>
>
> You say that changing NAS-IP-Address the packet is transmitted correctly.
> Right?
>
> From 192.168.14.3 to IPS1(192.168.14.4) if NAS-IP-Address =
> 192.168.14.3
> From 192.168.24.3 to IPS1(192.168.24.4) if NAS-IP-Address =
> 192.168.24.3
>
Yes. Proxy server will change NAS-IP-Address from the original NAS address
into it's own. That is OK.
>> That's in internal attribute Packet-Src-IP-Address.
>
> Should I modify this attribute or FreeRadius associates
> Packet-Src-IP-Address = NAS-IP-Address.
No, Packet-Src-IP-Address has the originating IP address for the radius
packet (in your case it will be 192.168.1.2). If ISP needs to know the
original NAS IP they should look in Packet-Src-IP-Address.
Ivan Kalik
Kalik Informatika ISP
More information about the Freeradius-Users
mailing list