Authorising Clients by Calling Station ID Not IP
Jennyanydots Napoleon Shoehorn
jennyshoehorn at me.com
Mon Oct 24 21:06:42 CEST 2011
OH! I've looked too many lines of code over the last week.
I have no idea how to patch but will investigate. Was thinking we might have to use nas-id instead.
The ultimate intention was to use the mac address of the nas and a nas specific shared secret.
In your opinion, are there better ways to deal with dynamic clients?
Thanks again
On 24 Oct 2011, at 19:52, Phil Mayers wrote:
> On 10/24/2011 07:02 PM, JennyBlunt wrote:
>> If I put in default authorize section, the called-station-id is present.
>>
>> What I just don't understand is why it doesn't work in dynamic hosts and
>
> As per the comments in the "sample" dynamic-clients:
>
> # The request that is processed through this section
> # is EMPTY. There are NO attributes. The request is fake,
> # and is NOT the packet that triggered the lookup of
> # the dynamic client.
> #
> # The ONLY piece of useful information is either
> #
> # Packet-Src-IP-Address (IPv4 clients)
> # Packet-Src-IPv6-Address (IPv6 clients)
> #
> # The attributes used to define a dynamic client mirror
> # the configuration items in the "client" structure.
>
> You'll need to patch the source to make what you want work. This may (or may not) be a generally useful patch; the problem is that, in many cases, a single NAS might have >1 Called-Station-Id e.g. multiple BSSIDs for a wireless AP.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20111024/6264bb00/attachment.html>
More information about the Freeradius-Users
mailing list