Freeradius 3.2.0 with dynamic clients on LDAP
igorvolt at gmail.com
Tue Sep 6 17:28:58 UTC 2022
Thanks for your explanation.
Em seg., 5 de set. de 2022 às 19:18, Alan DeKok <aland at deployingradius.com>
> On Sep 4, 2022, at 9:50 AM, Igor Sousa <igorvolt at gmail.com> wrote:
> > I googled it more and I found this post
> > (yeah, I know this happened 8 years ago).
> The documentation is always up to date. There's no need to google
> > I've understood that the rlm_raw
> > module is necessary to access the Called-Station-Id attribute on
> > site-enabled/dynamic-clients (
> > and , but you warned us to not use the rlm_raw module. I don't find this
> > module in https://freeradius.org/modules/.
> Because it's a third-party module which isn't supported.
> > Then, is it possible to access
> > NAS MAC addresses in dynamic-clients configuration in Freeradius 3.2?
> RADIUS client are always keyed off of IP addresses. What people usually
> want is to key off of MAC address, and then do that on a per-packet basis.
> That's just not possible.
> If you want to key off of NAS identity instead of IP address, use
> radsec. (RADIUS over TLS). That's what it's for. You can verify the
> client certificate of the NAS. In which case you don't care about its' IP
> address, or its MAC address.
> Alan DeKok.
> List info/subscribe/unsubscribe? See
More information about the Freeradius-Users