COA to multiple NAS
Alan DeKok
aland at deployingradius.com
Thu Apr 7 14:56:28 CEST 2016
On Apr 7, 2016, at 2:58 AM, Mike <mike at hersham.net> wrote:
>
> On 2016-04-06 16:50, Alan DeKok wrote:
>> RADIUS doesn't work with dynamic IPs.
> Effectively we have it working with Dynamic IPs because in Clients.conf we specify an IP range for a client and all our NAS devices share the same secret.
>
> But this fix doesn't work for COA origination.
I know. As I said earlier, there is a work around.
> I haven't got to the correct stage in migrating from v2 to v3 to test whether we can still do this with clients in version 3. If not we've got a big headache!
As I said, RADIUS is not designed to work with dynamic IPs.
You have built a system based on *wrong* assumptions about how RADIUS works. You can't fix RADIUS. But you can run IPSec.
Alan DeKok.
More information about the Freeradius-Users
mailing list