radius is only an AAA and transmit Auth OK/KO to VPN terminator and IP
allow/deny rules to VPN terminator (ip filtering like iptable)
So radius only Auth termination of VPN tunnel and transmit per user linked
policy deny and allow rules (like iptable as said).
I think VPN terminator can be
Why are you letting the clients register their own addresses in DNS in the
first place? If you want a higher level of control, move the DDNS
responsibility to the DHCP server.
Thats well and good for an organization that controls ALL of the end points. In
a university that isn’t possible.
_
Nicholas Miller, OIT, University of Colorado at Boulder
> On Mar 23, 2018, at 2:04 PM, Mark Andrews wrote:
If you don’t want 6to4 addresses stop the machine configuring them.
Not everything should be done at the DNS level.
--
Mark Andrews
> On 24 Mar 2018, at 01:07, Nicholas Miller
> wrote:
>
> As a followup, is there a way to stop Windows systems from adding their
On 23 March 2018 at 13:32, Meike Stone via bind-users <
bind-users@lists.isc.org> wrote:
> Hello,
>
> at the moment, I use ISC dhcpd to register all client names in the DNS
> (Bind) via isc's ddns api. Every thing is working well.
> But now, some notebook clients should get company access via
In the years I had bad issue with ISC bind and Fedora box.
Possible was my box but moving to NIC IP all was fine.
yes inside resolv.conf NIC IP instead of localhost eg 127.0.0.1
in all case IP socket have to open on layer 3 and shouldn't go on layer2 as
socket know that IP as REACHED.
it
Hoi Adam,
If you're running Linux and I do not know if it works on all distros,
add a text file in /etc named "resolv.conf.head" and put in there:
nameserver 127.0.0.1
It should put the lines in there at the start of your resolv.conf
after getting the info through dhcp.
Hello,
at the moment, I use ISC dhcpd to register all client names in the DNS
(Bind) via isc's ddns api. Every thing is working well.
But now, some notebook clients should get company access via UMTS or
VPN. In this case, a radius server is controlling the IP addresses,
not the ISC dhcpd.
So no
We're getting a little afar of DNS and BIND here, since this is OS networking
configuration stuff, made slightly more complicated by the fact that (as far as
I can see) you didn't specific what OS and/or distro you're running.
So let's get generic.
Google'ing "pppd override resolvers". First
As a followup, is there a way to stop Windows systems from adding their 6-to-4
record? I see little point in adding these records to a domain.
_
Nicholas Miller, OIT, University of Colorado at Boulder
> On Mar 22, 2018, at 12:13 PM,
10 matches
Mail list logo