dynamic-clients help

Mon, 14 Sep 2009 09:39:10 -0700 

Hi,

I am using freeradius 2.1.6 in CentOS 5.3 with mysql backend.

As a follow up question to my previous posting, I have modified the
following in dynamic-clients file.

======================================================
client dynamic {
        ipaddr = 0.0.0.0
        netmask = 0
        dynamic_clients = dynamic_client_server
        lifetime = 86400
}

server dynamic_client_server {

        authorize {
                preprocess
                chap
                mschap
                suffix
                unix
                sql
                expiration
                logintime
                pap
                noresetcounter
                dailycounter
                monthlycounter
                accessperiod

                update control {

                        #FreeRADIUS-Client-IP-Address = 
"%{Packet-Src-IP-Address}"
                        #FreeRADIUS-Client-Require-MA = no
                        #FreeRADIUS-Client-Secret = "testing123"
                        #FreeRADIUS-Client-Shortname = 
"%{Packet-Src-IP-Address}"
                        #FreeRADIUS-Client-NAS-Type = "other"
                        #FreeRADIUS-Client-Virtual-Server = "something"

                }

                if ("%{sql: SELECT nasname FROM nas WHERE nasname =
'%{Packet-Src-IP-Address}'}") {
                        update control {
                                FreeRADIUS-Client-IP-Address = 
"%{Packet-Src-IP-Address}"
                                FreeRADIUS-Client-Shortname = "%{sql: SELECT 
shortname FROM nas
WHERE nasname = '%{Packet-Src-IP-Address}'}"
                                FreeRADIUS-Client-Secret = "%{sql: SELECT 
secret FROM nas WHERE
nasname = '%{Packet-Src-IP-Address}'}"
                                FreeRADIUS-Client-NAS-Type = "%{sql: SELECT 
type FROM nas WHERE
nasname = '%{Packet-Src-IP-Address}'}"
                        }

                }

                ok
        }
}

======================================================

I am not sure if I have to put all the modules as in the default file.
I skipped the
==========
eap {
  ok = return
}
==========
but rest is same as default in authorize section


In my "nas" table, I have following:

====================
nasname: 0.0.0.0
shortname: <shortname>
type: other
ports: 0
secret: <sharedsecret>
====================

My AP have same secret set but still the request is ignored.

What are the other things I need to consider? I am trying to
authenticate users from NAS somewhere in the internet.

Thanks

-- 
==============================
Registered Linux User #460714
Currently Using Fedora 10, CentOS 5.3
==============================
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to