Authorising Clients by Calling Station ID Not IP

Jennyanydots Napoleon Shoehorn jennyshoehorn at
Mon Oct 24 21:06:42 CEST 2011

OH! I've looked too many lines of code over the last week.

I have no idea how to patch but will investigate. Was thinking we might have to use nas-id instead.

The ultimate intention was to use the mac address of the nas and a nas specific shared secret. 

In your opinion, are there better ways to deal with dynamic clients?

Thanks again

On 24 Oct 2011, at 19:52, Phil Mayers wrote:

> On 10/24/2011 07:02 PM, JennyBlunt wrote:
>> If I put in default authorize section, the called-station-id is present.
>> What I just don't understand is why it doesn't work in dynamic hosts and
> As per the comments in the "sample" dynamic-clients:
> #  The request that is processed through this section
> #  is EMPTY.  There are NO attributes.  The request is fake,
> #  and is NOT the packet that triggered the lookup of
> #  the dynamic client.
> #
> #  The ONLY piece of useful information is either
> #
> #       Packet-Src-IP-Address (IPv4 clients)
> #       Packet-Src-IPv6-Address (IPv6 clients)
> #
> #  The attributes used to define a dynamic client mirror
> #  the configuration items in the "client" structure.
> You'll need to patch the source to make what you want work. This may (or may not) be a generally useful patch; the problem is that, in many cases, a single NAS might have >1 Called-Station-Id e.g. multiple BSSIDs for a wireless AP.
> -
> List info/subscribe/unsubscribe? See

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Freeradius-Users mailing list