Multiple NAS ips in home_server for COA packets
Alan DeKok
aland at deployingradius.com
Thu Apr 7 15:05:57 UTC 2022
On Apr 7, 2022, at 10:24 AM, Daniele Mantovani <dmantovani at salesianisesto.it> wrote:
> First of all, thanks for this amazing software!
Thanks! We try. :)
> I'm trying to implement in my setup (currently a 3.0.17 freeradius)
I suggest upgrading, but whatever.
> It works and it effectively prepare the packet, but in order to make
> it fully work, I had to create a home_server that correspond to the
> access points (NAS) I'm using for testing like this:
Yes, that works.
> Now I need to deploy that configuration to all my access points, that
> are around 150, and making 150 home_server configurations, one for
> every NAS, it's really long and error prone.
Create them from templates.
> Is There's any way I can specify a home_server that represents all
> those access points?
Unfortunately, no. RADIUS depends on IP addresses.
> I've tried to set the "ipaddr" to a full ip class, like I've done in
> the client section, but it doesn't seem to accept a class of that size
> (it only accepts a /32 address).
That's actually a reasonable thing to do. I'll take a look at it for the 3.2.x releases.
But in 3.0, you can do this:
* edit radiusd.conf, and add the following section before the "security { ... } section
templates {
nas_template {
type = coa
port = 3799
secret = xxxx
... anything else from the "home_server" except "ipaddr"
}
}
You can then put this into proxy..conf:
home_server foo {
ipaddr = 1.2.3.4
$template nas_template
}
And it will automatically fill in the rest of the fields from the template. See raddb/templates.conf for more documentation.
Alan DeKok.
More information about the Freeradius-Users
mailing list