* Paul Dealy <[email protected]> [Wed, 25 Feb 2009 21:42:37 +1100]: > > I have accounting turned on, but I don't see the authed machines IP on > that of the NAS. > Use DHCP Snooping[1] and then yank the DHCP servers logs. If you want them in the SQL table, you should add them afterwards. You need to bear in mind that in the medium-long term there will be nothing stopping (or invalid) about computers having multiple IP addresses[2]. Expecting a venduh (especially Cisco) to give you what you want/need is asking for trouble.
We personally yank from our DHCP logs, because of DHCP snooping, we know they can be trusted. Cheers [1] http://www.cisco.com/web/DK/assets/docs/security2006/Security2006_Eric_Vyncke_2.pdf [2] IPv4 and IPv6 addresses, multiple of the later for workstations is an expectation not an edge case. Also there is technically nothing stopping a workstation in a single 'session' changing IP addresses -- Alexander Clouter .sigmonster says: Go on, EMOTE! I was RAISED on thought balloons!! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
