[ < ] [ > ]   [ << ] [ Up ] [ >> ]         [Top] [Contents] [Index] [ ? ]

4.3 Clients List — ‘raddb/clients

The ‘raddb/clients’ lists NASes which are allowed to make authentication requests. As usual, the ‘#’ character introduces a comment. Each record in the file consists of two fields, separated by whitespace. The fields are:

NAS name

Specifies a hostname or IP address of the NAS.

Key

Lists the encryption key shared between the server and this NAS.

If the set of NASes share the same encryption key, there are two ways to list it in ‘raddb/clients’. First, if these NASes lie in a single network, you can specify this network address in NAS name field, e.g.:

 
10.10.10.0/27   seCRet

Notice also that specifying full netmask after the ‘/’ character is also allowed, so that the above example could also be written as follows:

 
10.10.10.0/255.255.255.224   seCRet

Otherwise, the keyword DEFAULT may be used as NAS name. This notation will match any IP address, so it should be used with caution.


[ < ] [ > ]   [ << ] [ Up ] [ >> ]         [Top] [Contents] [Index] [ ? ]

4.3.1 Example of ‘clients’ file

 
# This is a list of clients which are allowed to make authentication 
# requests.
# Each record consists of two fields:
#       i.  Valid hostname.
#       ii. The shared encryption key for this hostname. 
#
#Client Name            Key
#----------------       -------------------
myhost.dom.ain          guessme         
merlin                  emrys           
11.10.10.10             secRet

[ < ] [ > ]   [ << ] [ Up ] [ >> ]

This document was generated by Sergey Poznyakoff on December, 6 2008 using texi2html 1.78.