I am running FR 1.0.5 using MySQL including the nas list in a table. So far I have to use the same secret for a number of different NAS units which are connected to the Internet via a dynamic IP. My FR server is on the Internet and has to accept connections from the various NAS units, which can be connected with a variety of different IPs. One ISP has several IP ranges and all of these addresses have to be recognised. So far I am using a masked IP address as nas identifier (e.g. 123.123.0.0/16).
How can I use a unique secret for each NAS connected to the same ISP? This is the fixed position format of the nas list in sql (rlm_sql.c): /* * Format: * Row1 Row2 Row3 Row4 Row5 Row6 Row7 Row8 * * id nasname shortname type ports secret community description * */ >From what I understand and experienced, the nasname must be either a DNS resolveable name or an IP address or IP range with netmask. Since my nas clients are on dynamic IP addresses and the nas list will only be read during the radius startup, I am using IP addresses with netmasks. Startup: Sun Dec 12 13:03:44 2005 : Debug: rlm_sql_mysql: query: SELECT * FROM phs_nas Sun Dec 12 13:03:44 2005 : Debug: rlm_sql (sql): Read entry nasname=123.123.0.0/16,shortname=MyShortName,secret=mySecretHere Sun Dec 12 13:03:44 2005 : Debug: rlm_sql (sql): Adding client 123.123.0.0/16 (MyShortName) to clients list ... read nas next entry Is there another way of handling dynamic NAS IP addresses and unique nas secrets? Gunther - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
