Hi, I have the following problem:
radddb.conf:
client 192.168.0.0/16 {
secret = 123qweasdzxc
shortname = homenet
nastype = other
}
Then if a nas sends invalid shared secret I still get it's access request packet
processed, but only the User-Password is modified (with trash). As I use freeradius
for voip some users are authenticated by freamed-ip-address and user-name. So, there
is a chance that anybody can trigger havy processing of my billing on access-request,
when user-password is not used! (A few querries to db, etc...)
As I found out, there is no such problem for accounting packets - they are
automatically rejected.
Can I make freeradius reject (or even better leave without a responce) registration
packets that do not come from specified ip address and don't have correct shared
secret?
Thanks alot!
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
