Plenty of reasons - but one you won't have control over even in CoA is
that it could be proxied.
The NAS-IPAddress is used in the CoA request packet to tell the NAS
which client should receive the packet.
Marlon Duksa wrote:
Hi everyone -
Can anyone think of a reason why the NAS-IP and the scr-IP of the
access-req packet should not be the same?
If the NAS-IP is configurable in the NAS, then the NAS-IP can be set to
the IP address other than the src-ip of the NAS that is used in reqular
FreeRadius accounting/authorization packets. The source IP address of
the NAS is normally the native interface address from which access-req
was sent (but it can be configurable).
The NAS-IP would be used to address NAS in CoA requests sent from the
FreeRadius. We need this behavior to address certain deployment
requirements.
for example:
IP prot:
srcIP: 1.1.1.1 dstIP: 2.2.2.2
Radius prot:
code: access-request (1)
AVPs:
NAS-IP-Address: 3.3.3.3
scrIP != NAS-IP-Address
Thanks,
Marlon
------------------------------------------------------------------------
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
