Authorising Clients by Calling Station ID Not IP
Jennyanydots Napoleon Shoehorn
jennyshoehorn at me.com
Mon Oct 24 21:06:42 CEST 2011
OH! I've looked too many lines of code over the last week.
I have no idea how to patch but will investigate. Was thinking we might have to use nas-id instead.
The ultimate intention was to use the mac address of the nas and a nas specific shared secret.
In your opinion, are there better ways to deal with dynamic clients?
On 24 Oct 2011, at 19:52, Phil Mayers wrote:
> On 10/24/2011 07:02 PM, JennyBlunt wrote:
>> If I put in default authorize section, the called-station-id is present.
>> What I just don't understand is why it doesn't work in dynamic hosts and
> As per the comments in the "sample" dynamic-clients:
> # The request that is processed through this section
> # is EMPTY. There are NO attributes. The request is fake,
> # and is NOT the packet that triggered the lookup of
> # the dynamic client.
> # The ONLY piece of useful information is either
> # Packet-Src-IP-Address (IPv4 clients)
> # Packet-Src-IPv6-Address (IPv6 clients)
> # The attributes used to define a dynamic client mirror
> # the configuration items in the "client" structure.
> You'll need to patch the source to make what you want work. This may (or may not) be a generally useful patch; the problem is that, in many cases, a single NAS might have >1 Called-Station-Id e.g. multiple BSSIDs for a wireless AP.
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Freeradius-Users