Add client IP address to log messages

Matthew Newton mcn at
Tue Nov 23 14:16:27 CET 2021

On 23/11/2021 13:08, Drew Weaver wrote:
>> Where is the IP address that sent the RADIUS auth request?
> That is the NAS - which is probably not what you want. The NAS is
> already shown ("from client localhost").
> ----
> Since these are VPN servers all I really need to know is the IP address of the VPN server (or NAS) that the auth request originated from.

You didn't say what the NASes were, so I had to guess. It makes giving 
an accurate answer much harder.

> I am not sure why or even how radiusd could think that the auth request is coming from itself but the requests are not sourced from the radius server to the radius server.

Because you defined all the clients in the "localhost" section in 
clients.conf, so it calls them all "localhost".

Give each client its own section and its own name, and it'll write the 
correct name in the log.

> The sources are all on different IP addresses.

You could also use this in the log section

msg_badpass = "IP:%{Packet-Src-IP-Address}"


More information about the Freeradius-Users mailing list