On 2007-05-30 00:28, Dennis Skinner wrote: > Mati Katz wrote: >> hello >> i'm using the 1.1.5 version of freeradius. >> i have problem i setup a client in clients.conf that is a host name >> like fkatz.dyndns.org because my NAS has dynamic ip. When i try to >> login at first time (i use DD-WRT + chillispot built-in) i succeeded >> but after i receive new dynamic ip from my ISP the radius reject it >> because he doesn't know the new ip. >> The radius server works fine with IP static i tested. >> Also i checked lookup and ping to the fkatz.dyndns.org after the >> dynamic ip has changed and very fast it refreshs. > > The simple answer is don't use dynamic hosts. > > FreeRADIUS reads the clients file once at startup, resolves the IP's and > then stores those. It won't know about the new IP until the daemon is > restarted (or in theory HUP'ed when that is fixed). > > If you must use dynamic hosts, then you will need to specify an IP range > like this: > > client 192.168.0.0/24 { > secret = testing123-1 > shortname = private-network-1 > } > > That would allow a NAS to have any of 254 different IP's and still be > able to talk to FreeRADIUS. It would also allow anyone else on those > IP's who wants to talk to you NAS and can figure out the secret to > potentially do naughty things.
Maybe "fastusers" with short hash_reload is able to solve that issue? Pozdrawiam, Krzysztof Olędzki -- Krzysztof Olędzki Axel Springer Polska Sp. z o.o. tel: +48-22-2320969 fax: +48-22-2325530 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html