|
||||||||
I pretty sure they just saw NAS-IP-Address from the radius server as a server assigned attribute (not from the m0n0wall, because he doesn't sent that) When in access-requests / accounting-requests NAS-IP-Address is missing (then NAS-Identifier must be set, which is) the RADIUS will assign the NAS-IP-Address with value of the source-ip of the packet. No matter which interface the packet goes out on the m0n0wall, the NAS-IP will always be correct in this matter ;) It's only a problem when you have dynamic ip, and still want to lock on NAS-IP-Address (which can be static) J. -- Jonathan De Graeve Network/System Administrator Imelda vzw Informatica Dienst 015/50.52.98 Jonathan dot de dot graeve at imelda dot be > -----Oorspronkelijk bericht----- > Van: Lee Sharp [mailto:leesharp at hal dash pc dot org] > Verzonden: vrijdag 11 november 2005 15:31 > Aan: m0n0wall > Onderwerp: Re: [m0n0wall] new RADIUS images > > From: "Jonathan De Graeve" <Jonathan dot De dot Graeve at imelda dot be> > > > Are you sure? > > > Since the NAS-IP-Address appeared just recently in my images (before > > 2005/11/07 there wasn't any) > > The 3rd parts RADIUS server was accepting login (and said they were > getting > NAS-IP) with 1.2b10.wd2.21-radius2 for a while. Then again, they have > consistently been less than helpful, so it may be RADIUS assuming it like > you said. > > Lee > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch > > |