> I would like to know if this is possible to do the following with > Freeradius. eg to ask him to have memory.
Freeradius already keeps replies cached for 5 seconds by default (see cleanup_delay in radiusd.conf). > Description > > I've got one authentication request (called request 1) coming from an ASN > GW that will contain the mac adress of the CPE in some attribute. > Freeradius will send an access accept. > This authentication success will enable the CPE to get connected to the > base station. (EAP-TTLS) > > Then I will have a second authentication request (called request 2) coming > from a Broadband Access Server. This equipement will transform DHCP > request > into a Radius request. This authentication request will also have in some > attributes, the mac addresses of the CPE. > > Questions > > Is that possible to configure freeradius to send an authentication success > to request 2 only if request 1 has been seen and has been successfully > authenticate. (based on the mac address) ? Not configure, but you can write a script/module that searches cached replies to see if there is one that fits your criteria. Freeradius routinely checkes incoming requests to see if same one was processed already and if it has sends the reply from the cache without processing the (dulicated) request. You can re-use and adapt some of that code for your purpose. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
