At this time, the request are authed regardless of the username or
password but they are authed regardless of the client or secret.
Not possible.
You are correct..
Let me re-phrase after doing a little more testing...
At this time I have an "AuthAll" setup working and it only works for request
that come from IPs with belong to clients defined in the clients.conf file.
But...
I have confirmed 100% that the secret on defined in those clients is totally
ignored in this situation.
So, I can attempt to login from a defined client using any secret and they
all work as long as the request is coming from an IP belonging to a client
defined in the clients.conf file.
I don't care if the secret is ignored personally, just thought some of you
folks might want to know. As long as the request are only honored from
authorized IPs this is good enough for the application I am using it for.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
