hello,
I am interested in implementing an authentication scheme in radius based
on client IP address and I want to support nated clients.
I see that modules RadAcct, RadAuth and RadAliasAuth are filling the
"Framed-IP-Address" attribute with the nated ip address. is it possible
to change this (a configuration option) an fill Framed-IP-Address with
the ip address of the nat box ?
I see that in the CDRs printed out on the status port the ip address
used is the one from the nat box, so maybe is a inconsistency somewhere,
some modules are using the ip address of the nat box and some modules
are using the nated ip address.
with the nated ip address any ip based authentication scheme (and
radius) is useless because anyone that knows an ip cleared to send
traffic can circumvent the ip based authentication.
thanks,
Razvan Radu
-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________________
Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx
Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549
Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users
Homepage: http://www.gnugk.org/
