Johan Meiring wrote: > Using the sites-available as an example I created the following: > > A Virtual Server with a authorize section that will create the client. > Tested working using static info. ... > Works perfectly.
As designed. > No I replace the "static info" above with a SQL query, again using the > example > > ------------------------------------------------------------- > server dymamic_nas { > authorize { > if ("%{sql: select NasID from Nas where > Identifier='%{NAS-Identifier}'}") { OK... > The problem is that %{NAS-Identifier} expands to nothing. > This seems to be confirmed by the documentation. Ah... good point. Hmm... it's probably worth copying the NAS-Identifier to the fake packet. It's just useful enough to be worth it. > The documentation however mentions that I can somehow get hold > of the NAS-Identifier and use it to set the "shared secret". That's the intent, but the code doesn't match. > ------------------------------------------------------------- > # You can use any policy here. e.g. Check NAS-Identifier, > # and define a shared secret by NAS-Identifier, rather than > ------------------------------------------------------------- > > How do I get hold of the NAS-Identifier in order to find the required > secret. Give me a bit, and I'll go poke the code. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html