> > I'm sure that I'm not the only one that have NAS's behind dynamic IPs,
> > and this would make radius traffic from such NAS's much more secure.
OK, if you have Dynamic public IP you have two options:
1) use a DNS to identify the dynamic IP of your hotspot. It means that your
DSL router or hotspot has capability to update its public IP every x minutes.
You can use dyndns.org service. DSL routers normally have this feature.
2) Install a VPN tunnel like PPPTP/L2TP/OVPN... and route all the
autentication request for this range. For instance, you have your radius server
with IP 10.200.0.11 and your NASes with 10.200.0.x range. All the auth request
are sent by the tunnel, so all ones are valid.
I tried both methods with good results. However second option is better
because you have another way to access to your hotspots since you know which is
hotspot IP (tunnel IP (10.200.0.x)).
Santiago
_________________________________________________________________
¡Quítate unos clics! Ahora, Internet Explorer 8 tiene todo lo que te gusta de
Windows Live ¡Consíguelo gratis!
http://ie8.msn.com/microsoft/internet-explorer-8/es-es/ie8.aspx
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
