>>> [EMAIL PROTECTED] 05/12/2004 13:32:26 >>> Neil Craig wrote: > For places that have a non static IP then I thought MAC auth would > make > sense - so no matter what the IP changed to I could still authenticate > them...
>You can do that by defining all possible IPs as clients. >But the downside is that you'll have to open you radius server to accept >requests from all those IPs, which isn't a good idea because your server >could than easily be disturbed by DOS attacks. > >You can overcome the problem of dynamic IPs by using tunnels however. How do you go about setting a tunnel up? Just like a VPN connection between NAS and Server? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
