User authentication for remote NAS'?

Alan DeKok aland at
Thu Mar 30 16:04:07 CEST 2017

On Mar 30, 2017, at 9:20 AM, Brian Candler <b.candler at> wrote:
> On 30/03/2017 13:44, Alan DeKok wrote:
>>> I was thinking about using the NAS-ID or called-station-id to authenticate instead. The NAS-ID is in the rad_recv request so I'm figuring somehow it must be possible to use that?
>>   It's not possible.
> If you have multiple NASes behind a NAT, then obviously you can't have different shared secrets for each one, but I don't think that's what the OP was asking.

  He was pretty clear that he had multiple NASes behind NAT gateways.  That just doesn't work.

  I suspect he was trying to authenticate the *NAS*, not the user.  But the question was unclear.

  Alan DeKok.

More information about the Freeradius-Users mailing list