I have a customer that wants to update the shared secret on his Cisco gateways 
that are sending my FreeRADIUS servers accounting information. I would like 
to update clients.conf to accept both shared secrets, tell my customer to 
make their changes, and then update clients.conf again with just the new 
secret.

If I put two entries in clients.conf with the same subnet but different 
secrets and the same shortname, only the second entry works.

If I put two entries in clients.conf with the same subnet but different 
secrets and different shortnames, only the second entry works.

If I put one entry in clients.conf with two "secret =" lines with two 
different secrets, only the first secret works.

Just for grins, I tried using a regular expression (secret =~ secret1|secret2) 
on the secret line (although this shouldn't work because shared secrets are 
one-way hashed before being sent), and sure enough, neither secret worked.

What is the recommended procedure for updating a shared secret with zero 
downtime?

-- 
Earl C. Ruby III <[EMAIL PROTECTED]>
Senior Systems Engineer / Developer
Switch Management

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
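
An added example, not part of the original post and not FreeRADIUS code: for accounting traffic the secret never appears on the wire. RFC 2866 defines the Request Authenticator as MD5 over the packet (with 16 zero octets in the authenticator field) followed by the secret, so a receiver can only recompute it per candidate secret. The sketch below reports which of two configured secrets validates a packet, which is enough to see which gateways have already switched during a rotation. The function names, secrets and sample packet are constructed for illustration.

```python
import hashlib
import hmac
import struct

ACCOUNTING_REQUEST = 4  # RADIUS code for Accounting-Request (RFC 2866)

def acct_authenticator(code, ident, attrs, secret):
    """RFC 2866: MD5(Code + ID + Length + 16 zero octets + attributes + secret)."""
    header = struct.pack("!BBH", code, ident, 20 + len(attrs))
    return hashlib.md5(header + b"\x00" * 16 + attrs + secret).digest()

def build_acct_request(ident, attrs, secret):
    """Build a constructed Accounting-Request the way a sending gateway signs it."""
    auth = acct_authenticator(ACCOUNTING_REQUEST, ident, attrs, secret)
    header = struct.pack("!BBH", ACCOUNTING_REQUEST, ident, 20 + len(attrs))
    return header + auth + attrs

def matching_secret(packet, candidates):
    """Return the label of the candidate secret that validates packet, else None."""
    if len(packet) < 20:
        return None  # shorter than the fixed RADIUS header
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if code != ACCOUNTING_REQUEST or length < 20 or length > len(packet):
        return None  # wrong packet type or inconsistent Length field
    received, attrs = packet[4:20], packet[20:length]
    for label, secret in candidates.items():
        expected = acct_authenticator(code, ident, attrs, secret)
        if hmac.compare_digest(expected, received):
            return label
    return None

# Constructed sample data (hypothetical secrets, not from the post).
CANDIDATES = {"old": b"old-secret-example", "new": b"new-secret-example"}
# Acct-Status-Type (attribute 40, length 6) = Start (1)
SAMPLE_ATTRS = struct.pack("!BBI", 40, 6, 1)

if __name__ == "__main__":
    for signer in (b"old-secret-example", b"new-secret-example", b"other"):
        pkt = build_acct_request(7, SAMPLE_ATTRS, signer)
        print(signer.decode(), "->", matching_secret(pkt, CANDIDATES))
```
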
