Dear all
We have a MAX TNT nas and now we have problems with
spoofed icmp-echo and echo-reply packages.
To sole the problem we must enable the
Ascend-Source-IP-Check VSA reply for users authenticated from free
radius.
So I modified the clints.conf file to
:
client A.B.C.D {
secret =
somesecret
shortname =
max
Ascend-Source-IP-Check[96]=1
}
After change radius does not complains about the
new line but in debug output (radiusd -x -x) i cant see anything about this
durring user authentication.
Is my radius propertly configuerd to send
Ascend-Source-IP-Check ?
If yes how I can verify ?
If no how I can send this VSA from freeradius
?
Please not that we have cisco boxes also as
clients of free radius.
How I can enable anti-spoofing for cisco dial-up
users ?
Thanks
A. Lykiardopoulos
|
- Re: anti-spoofing (VERY URGENT !!!) freeradius
- Re: anti-spoofing (VERY URGENT !!!) Alan DeKok
- Re: anti-spoofing (VERY URGENT !!!) Dimitrios E. Digas