"John Williams" <[EMAIL PROTECTED]> wrote: > Someone did mention to me that you can auth a NAS so any auth requests > coming from that NAS will be authenticated. > Is this right?
Sort of, but for your purposes, no. You *can* do: DEFAULT Client-IP-Address == 1.2.3.4, Auth-Type := Accept Which is "authenticate all requests from NAS 1.2.3.4". But it's no different than the previous problems with Auth-Type := Accept. The problem you're running into is not the NAS, it's the software on the end user machine. It's doing MS-CHAP, and the NAS is just blindly passing traffic back and forth. Anyways, I explain this in more detail in my book. It should be done by Christmas. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html