Bypass Canceled Subscribers
Alan DeKok
aland at deployingradius.com
Wed Jun 27 00:27:29 CEST 2018
On Jun 26, 2018, at 5:53 PM, Guilherme Domingues <guilherme.domingues.oliveira at gmail.com> wrote:
>
> We've looking for a simple solution to bypass pppoe request from canceled
> subscribers.
>
> It's sounds odd, but some routers/onus from certain clients hits radius all
> day long, and we're think to access those devices again, by accepting their
> login(only CHAP) and configure this clients to DHCP networks.
The typical solution is to accept these clients, and then to give them un-routable IPs. That means they stop bugging the RADIUS server. But also, their packets are dropped by the gateway as unroutable.
> In alternative of it, we've seen as soluction blocking at L2, but we're
> working with different models of NAS and switches and other networks
> devices.
>
> For us is getting complicated for CHAP autentication. Someone have some
> idea or suggestion ?
There's no mutual authentication in CHAP. So you can just forcibly accept the user, and return Access-Accept.
Alan DeKok.
More information about the Freeradius-Users
mailing list