[RADIATOR] Multiple client identifiers with same IP
Jim Tyrrell
jim at scusting.com
Thu Oct 8 08:19:33 CDT 2009
Is it valid to have multiple Client identifiers with the same IP?
I have a client identifier which refers to a group of LNS, however I
wanted to change the behaviour of a specific LNS for a specific handler
so I added another identifier for the specific LNS as below:
-----------------------------------------
<Client 10.0.0.1>
Identifier LNSgroup
Secret secretpass
IdenticalClients 10.0.0.2
IdenticalClients 10.0.0.3
</Client>
<Client 10.0.0.1>
Identifier LNS1
Secret secretpass
</Client>
<Handler Client-Identifier = LNS1, Realm =
/(realm1.com|realm2.com|realm3.com)/>
AuthByPolicy ContinueAlways
<AuthBy TEST>
<blah>
</AuthBy>
</Handler>
<Handler Client-Identifier = LNSgroup, Realm =
/(realm1.com|realm2.com|realm3.com)/>
AuthByPolicy ContinueAlways
<AuthBy TEST>
<blah>
</AuthBy>
</Handler>
<Handler Client-Identifier = LNSgroup, Realm =
/(realmX.com|realmY.com|realmZ.com)/>
AuthByPolicy ContinueAlways
<AuthBy TEST>
<blah>
</AuthBy>
</Handler>
-----------------------------------------
I could of sworn I had done something like this before but when I tried
it I ended up with all requests being rejected for Realms X,Y & Z from
LNS1, not sure if Realms 1,2&3 and the other LNS were as well or not as
I panicked and didnt wait to find out. :P
They authentication didnt match any of the above handlers:
Thu Oct 8 13:43:38 2009: DEBUG: Handling request with Handler ''
Thu Oct 8 13:43:38 2009: INFO: Access rejected for user at realmX.com: No
AuthBy found
Is my config invalid? Should I have kept one Client identifier and
instead added "NAS-Identifier=LNS1" to the 1st handler?
I dont want to make that mistake again! :P
Thanks.
Jim.
More information about the radiator
mailing list