"Duane Cox" <[EMAIL PROTECTED]> wrote: > Would it be valid to list a host twice in clients.conf. Each listing would > have a unique shared secret and shortname?
No. The shared secret is keyed off of the IP, and the IP's have to be unique. > host 192.168.1.1 has two applications that run. One is a NMS monitoring > package (sends rad packets to the radius server to verify it's running and > operating with the db correctly). The second is an authentication and > bandwidth provisioning system. RADIUS assumes that all client software on an IP is the "same" application. e.g. a NAS, not a desktop. So running RADIUS on systems with multiple clients is awkward. > I could configure both apps to use the same shared secret and shortname if I > have to, but I like that fact that I can look at the radius logs and see the > logs from the specific apps. Can't you look at the *contents* of the packet to see which one it is? That's what the NAS-Identifier string is for. The different apps could (i.e. should) send different NAS-Identifiers. > I have added both clients to clients.conf and restarted radius. I didn't > see any errors or warnings about it. The second will be silently ignored. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
