On 2011/10/24 09:06 PM, Jennyanydots Napoleon Shoehorn wrote: > OH! I've looked too many lines of code over the last week. > > I have no idea how to patch but will investigate. Was thinking we might have > to use nas-id instead. > > The ultimate intention was to use the mac address of the nas and a nas > specific shared secret. > > In your opinion, are there better ways to deal with dynamic clients? > > Thanks again >
Hi, I look up my clients using "dynamic clients" and Nas-Identifier. You need a module that is not included by default called rlm_raw. You can download a patch here: http://www.sendspace.com/file/f91rqi The last file wont apply cleanly to 2.1.12, just manually add rlm_raw to the "src/modules/stable" file. (Look at the patch). In your freeradius config, you need to "instantiate" rlm_raw. /etc/freeradius/radiusd.conf instantiate { raw } You need a module: /etc/freeradius/modules/raw raw { } My dynamic clients config: /etc/freeradius/sites-available/my-dynamic-clients client dymamic { ipaddr = 0.0.0.0 netmask = 0 dynamic_clients = dynamic_nas lifetime = 86400 } server dynamic_nas { authorize { if ("%{sql: select count(*) from Nas where Identifier='%{raw:NAS-Identifier}'}" == "1") { update control { FreeRADIUS-Client-IP-Address = "%{Packet-Src-IP-Address}" FreeRADIUS-Client-Require-MA = no FreeRADIUS-Client-Secret = "%{sql: select RadiusSecret from Nas where Identifier='%{raw:NAS-Identifier}' and NasTypeID=1}" FreeRADIUS-Client-Shortname = "%{Packet-Src-IP-Address}" FreeRADIUS-Client-NAS-Type = "other" FreeRADIUS-Client-Virtual-Server = "dynamic_server" } ok } } } Notes: - "dynamic_server" is the spesific virtual server than handles the dynamic clients. - the rlm_raw packet MIGHT contain Calling-Station-Id (or do you mean Called-Station-Id??) as well. You will have to look. Hope this helps. Cheers, -- Johan Meiring Cape PC Services CC Tel: (021) 883-8271 Fax: (021) 886-7782 -------------------- Before acting on this email or opening any attachments you should read Cape PC Service's email disclaimer at: http://www.pcservices.co.za/disclaimer.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html