RE: [Help-gnu-radius] Allow authentication from any IP ?

help-gnu-radius

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Help-gnu-radius] Allow authentication from any IP ?

From:	Stéphane Huguet
Subject:	RE: [Help-gnu-radius] Allow authentication from any IP ?
Date:	Mon, 24 Nov 2003 16:52:35 +0100

I don't feel myself to modify source code then build GNU radius  ...
Could it be possible to find a trick to turn around this thing ?

Stéphane

-----Message d'origine-----
De : address@hidden
[mailto:address@hidden la
part de List User
Envoyé : vendredi 21 novembre 2003 20:47
À : Maurice Makaay; Stéphane Huguet
Cc : address@hidden
Objet : Re: [Help-gnu-radius] Allow authentication from any IP ?


According to Sergey's previous email, this feature is planned for the future
version of Radius. If you can't wait, you can change radius sourse and
rebuild radius youself (my solution, which works fine in production for me):
look for the change in the implementation of client_lookup_ip function (see
attached file).

Then change client file so, LAST entry looks like this:

255.255.255.255 MyVerySharedSecret

Note tha radius will still processs individuals secrets BEFORE the line
above.

Leon




----- Original Message -----
From: "Maurice Makaay" <address@hidden>
To: "Stéphane Huguet" <address@hidden>
Cc: <address@hidden>
Sent: Friday, November 21, 2003 2:09 AM
Subject: Re: [Help-gnu-radius] Allow authentication from any IP ?


> Hi,
>
> > Is there a way to allow any source IP to connect to the RADIUS server
with a
> > 'shared' radius key ?
> > Something like inserting at the end of the 'clients' file:
> > DEFAULT shared-radius-key
>
> I just looked into the source code and there is currently no such feature
> in the radius server. To make this file more compliant with some of the
> other configuration files, the DEFAULT client should be added as a new
> feature. Thus: at this moment you cannot use the construction as
> described above.
>
> Sergey: would it be a good idea to add DEFAULT logic to the handling of
the
> clients file? If this feature is added, I think the netmask patch I sent
in
> yesterday should be added as well to the clients code. It's mostly
> cut'n'paste to make this work.
>
> Regards,
>
> -- Maurice Makaay
>
>
>
> _______________________________________________
> Help-gnu-radius mailing list
> address@hidden
> http://mail.gnu.org/mailman/listinfo/help-gnu-radius
>

[Prev in Thread]

Current Thread

[Next in Thread]

[Help-gnu-radius] Allow authentication from any IP ?, Stéphane Huguet, 2003/11/21
- Re: [Help-gnu-radius] Allow authentication from any IP ?, Maurice Makaay, 2003/11/21
  - Re: [Help-gnu-radius] Allow authentication from any IP ?, List User, 2003/11/21
    - RE: [Help-gnu-radius] Allow authentication from any IP ?, Stéphane Huguet <=
    - RE: [Help-gnu-radius] Allow authentication from any IP ?, Sergey Poznyakoff, 2003/11/24

Prev by Date: Re: [Help-gnu-radius] Different reply attributes based upon an username
Next by Date: [Help-gnu-radius] Long startup time
Previous by thread: Re: [Help-gnu-radius] Allow authentication from any IP ?
Next by thread: RE: [Help-gnu-radius] Allow authentication from any IP ?
Index(es):
- Date
- Thread