Not responding when a user is unknown

Phil Mayers p.mayers at
Tue Jul 10 16:14:56 CEST 2012

On 10/07/12 14:56, perl-list wrote:

> So basically, is there a setting that causes the FreeRADIUS server to
> not respond to Access-Request packets if the username contained there-in
> is not found in whatever database it is using?

If you're running a recent version of the server, and you configure it 
that way, it can to that. See the "do_not_respond" policy in "policy.conf".

This is usually a bad idea unless you have a very good understanding of 
what you want to achieve.

It's a particularly bad idea if you do it on some usernames and not 
others, as downstream clients (NAS or proxy clients) will mark the 
server dead based on untrusted input (the username).

More information about the Freeradius-Users mailing list