Sanity check on coa
Phil Mayers
p.mayers at imperial.ac.uk
Mon Jun 16 17:48:52 CEST 2014
On 16/06/14 15:24, Alan DeKok wrote:
> Phil Mayers wrote:
>> If I want to send a CoA request from a client, via FR, to the NAS
>> (because the NAS is dumb and will only take CoA packets from the
>> auth/acct server IPs & secrets) then I'm stuck with defining one home
>> server/pool per NAS, right?
>
> No. You can specify a "coa_server" in a "client" section. And then do:
>
> update coa {
> Packet-Dst-IP-Address = ip.of.the.nas
>
> }
The source code, and my testing, suggests this just triggers a lookup of
the IP against the home servers, so you still need to define one home
server per NAS. If you don't you get:
WARNING: Unknown destination <nas>:3799 for CoA request.
Do CoA Fail handler here
?
Also this entails using an access-request to trigger a CoA, rather than
sending a CoA and proxying it onwards to a NAS. Not terrible but not
ideal either.
It's possible I'm doing something wrong, as I found the examples for
this seriously hard to follow - the use of a home server/pool as an
indirection mechanism really confused me, and it was not obvious what
127.0.0.1 was being used for. Dummy value/placeholder? Magic value?
But I can't get this going and am out of time, so I'm going to go with
"ssh to run radclient" :o(
More information about the Freeradius-Users
mailing list