NAS-IP-Address or NAS-Identifier in Access-Request?
Alan DeKok
aland at deployingradius.com
Tue Aug 16 16:37:59 CEST 2011
Eric Geier wrote:
> Yes I read that in the RFC, but was wondering what vendors usually do,
> what's the most typical, etc. I'm also wondering the same about the
> Calling-Station-Id and Called-Station-ID. But sounds like those aren't
> included very often, completely optional.
There's no way to know what is typical. There are many dozens of
vendors, each of whom has many dozens of products using RADIUS. Each
product may have dozens of different firmware revisions, each of which
behaves slightly differently.
> But now that I've thought of it, if there isn't a NAS-IP-Address then
> authentication wouldn't work, right? Cause FR needs to lookup the shared
> secret based upon the NAS-IP-Address?
No. The shared secret is looked up by source IP address. The
NAS-IP-Address can be anything. It is pretty much ignored by the core
RADIUS protocol.
Alan DeKok.
More information about the Freeradius-Users
mailing list