Let I explain better ...
I'm configuring WPA, so the Access Point sends Access-Request RADIUS packets to
freeradius, with the Client-IP-Address 10.10.10.1(that is the Access Point IP
Address, configured manually), to authenticate user.
freeradius receives Client-IP-Address from Access Point. No doubt about that.
All what I'm trying to do is send Client-IP-Address, after DHCP server assigns
one to the client(10.10.10.30, for example), via Post-Auth, to my application,
so that it can be possible to configure the firewall, allowing the traffic from
the host with Client-IP-Address.
Thanks,
Erico.
- Mensagem original
De: Alan DeKok <[EMAIL PROTECTED]>
Para: FreeRadius users mailing list
Enviadas: Quarta-feira, 4 de Abril de 2007 18:27:42
Assunto: Re: Res: Res: NAS-IP-Address
Erico Augusto wrote:
> during authorize phase, client doesn't have an IP (configure to DHCP),
> so the Access-Point fills the Client-IP-Addess with its own
> IP(NAS-IP-Address - 10.10.10.1).
No.
Client-IP-Address is the address of the RADIUS client that sent the
UDP packet. It is added by FreeRADIUS, and is internal to the server.
It has no meaning outside of FreeRADIUS.
The rest of your questions can be answered by saying that the
attribute is internal to FreeRADIUS, and isn't what you think it is.
Therefore, it doesn't have the problems you think it has.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
__
Fale com seus amigos de graça com o novo Yahoo! Messenger
http://br.messenger.yahoo.com/ -
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html