login radius: use NAS-IP-Address if defined source address
Closed, ResolvedPublicFEATURE REQUEST
Actions

Assigned To

Unknown Object (User)

Authored By

	Unknown Object (User)
	May 19 2020, 12:12 PM

Description

It will be helpful to use NAS-IP-Address = <source ip address> instead of 127.0.1.1 by default.
link to the forum topic https://forum.vyos.io/t/radius-not-setting-nas-ip-as-source-ip/4661
It is possible if replace string in /etc/hosts e.g.

#127.0.1.1            vyos
198.51.100.1       vyos

The better solution, change source code libpam-radius-auth

Unknown Object (User) created this task.May 19 2020, 12:12 PM

PR for this task https://github.com/vyos/libpam-radius-auth/pull/3
I propose to use always source-address as NAS-IP-Address if it defined

Unknown Object (User) claimed this task.May 25 2020, 5:27 PM

Unknown Object (User) changed the task status from Open to In progress.May 25 2020, 8:08 PM

Successfully tested on 1.3-rolling-202005261512, propose to backport it to CRUX.

For what little to no weight my opinion matters, I also agree that this should be backported to Crux.
As I've bashed my head into it testing :-)

Feature now also in crux version ob libpam-radius.

c-po closed this task as Resolved.Jun 17 2020, 5:20 PM

c-po moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus board.

c-po changed Difficulty level from Unknown (require assessment) to Easy (less than an hour).