For those interested: Information gotten from
http://sourceforge.net/apps/trac/hotcakes/wiki/YfiTechDynamicClients In regards to the usage of Called_Station_Id, rlm_raw and SQL checks. Kind regards Steve > >> 1. FreeRadius lacks the ability to actually run Nas's behind a link with >> a >> dynamic IP. Although not recommended, this software does not support a >> proper way of dealing with this. > > Nonsense. This is a fundamental limitation of the RADIUS protocol. > > If you want to use dynamic IPs, use a VPN, or TLS (RFC 6614) > >> This is indeed a fake. I have added this in mysql in the nas table under >> the field community (described in ify /yfi setup). The connection >> actually >> works. I can (ab)use this field as much as desired > > Because RADIUS depends on source IP. > >>> Of course. RADIUS depends on IP addresses, not on Called-Station-Id. >>> This is documented in the "dynamic_clients" configuration. Right at >>> the top of the virtual server. >> >> Yes, I have read the documentation (multiple sources, google etc...) I >> was >> just wondering what happens when you use the raw module. > > It's not distributed with the server. So it's not a supported module. > And no, I don't use it. > > And no, you haven't read the documentation. The files I mentioned > *clearly* states that the dynamic clients use and cache the source IP. > They say NOTHING about checking the Called-Station-Id for each packet. > >> Is a client defined by a NAS or a user? > > RADIUS clients are defined by source IP. The documentation you > allegedly read makes this clear. So there's no need to ask the above > question... because the documentation already answers it. > >> The output shows indeed when it goes through the the dynamic server >> section and once it is authenticated it only runs through the default >> (which is understandable) > > So... *nothing* else in the debug output is useful to you. > > I guess you've read it as carefully as you've read the documentation. > > Alan DeKok. > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html