On 10/24/2011 08:45 PM, JennyBlunt wrote:
Hello Phil
I guess we don't need a per NAS secret but thought it might help block
any customers we don't need.
We have a load of wifi hotspots on dynamic ips. We know all their nas
Ok, that's about the hardest case I'm afraid.
If you have the option of using something like a tunnel (IPSec) to bring
the NASes into your network and give them local IPs I would take it.
If not, then an out-of-band solution might work.
There's no easy answer here I'm afraid. It will depend on the numbers
and vendor of your NAS, the capabilities they have and lots of other
factors.
In an ideal world, radius-over-TLS (RadSec) would solve this problem but
it's basically guaranteed your NASes don't support it (nothing does yet,
and possibly never will for NAS->Server traffic).
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
