(RADIATOR) Client identifier

Hugh Irvine hugh at open.com.au
Mon May 19 18:19:56 CDT 2008 

Hello Henning -

How are you going to know which people are allowed to log in to which  
device?

I think you may need to do the check as part of the authentication  
rather than by using the Client-Identifier.

If you can give me a bit more information I will try to make a better  
suggestion.

regards

Hugh



On 19 May 2008, at 20:02, Henning Markussen wrote:

> Hello
>
> I have a task where i need to separate a lot of network devices,  
> who is
> allowed to logon, and who is not.
>
> The problem is that I don't have a list of all the ip addresses
> Currently I'm using this setup to handle all devices the same.
>
> <Client DEFAULT>
>       Secret xxxx
>       Identifier Default
> </Client>
>
> and then later the
> <Handler Client-Identifier = Default>
> </Handler>
>
> Since I don't have a complete list of ip adresses, my plan was  
> maybe to
> use diffrent secrets.
>
> <Client other>
>       Secret verysecret1
>       Identifier other
> </Client>
>
> <Client DEFAULT>
>       Secret verysecret1
>       Identifier Default
> </Client>
>
>
> and then
>
> <Handler Client-Identifier = other>
> do something
> </Handler>
>
> <Handler Client-Identifier = Default>
> do something
> </Handler>
>
> But it seems that the Client part, has to be ip specific or the  
> default
> class.
>
> I looked at IdenticalClients, but that again comes back to the problem
> that I don't have a complete ip list.
>
> Is there a other way/option/approach that I have missed?
> Or any other ideas ....
>
> - Henning
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.



NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
Have you checked the RadiusExpert wiki:
http://www.open.com.au/wiki/index.php/Main_Page

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list