> I am using freeradius since four years and I used PPTP/L2TP tunnel for > autenticating users against my RADIUS servers with one of my NAS has a > dynamic IP (xDSL). However, I can not rely on these connections and the > connectivity sometimes fall down and the tunnel, too. > > I have some reasons for not to use dyndns or this kind of services. > > I decided to autenticate my NAS using only the shared key: > >client 0.0.0.0/0 { > secret = same_secret_for_eveyone > shortname = my_network >} > > I recognize a problem with DoS attack to my DB. > > I can not autenticate the client IP because I have xDSL with dynamic IP. Do > you know some other solucion instead of autenticating the public IP in the > authorize step? >
Yes. Use 2.1.1. Have a look at raddb/sites-available/dynamic-clients. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html