Page MenuHomeVyOS Platform

login radius: use NAS-IP-Address if defined source address
Closed, ResolvedPublicFEATURE REQUEST

Description

It will be helpful to use NAS-IP-Address = <source ip address> instead of 127.0.1.1 by default.
link to the forum topic https://forum.vyos.io/t/radius-not-setting-nas-ip-as-source-ip/4661
It is possible if replace string in /etc/hosts e.g.

#127.0.1.1            vyos
198.51.100.1       vyos

The better solution, change source code libpam-radius-auth

Details

Difficulty level
Easy (less than an hour)
Version
-
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)

Event Timeline

Dmitry created this task.May 19 2020, 12:12 PM
pasik added a subscriber: pasik.May 19 2020, 7:22 PM

PR for this task https://github.com/vyos/libpam-radius-auth/pull/3
I propose to use always source-address as NAS-IP-Address if it defined

Dmitry claimed this task.May 25 2020, 5:27 PM
Dmitry changed the task status from Open to In progress.May 25 2020, 8:08 PM
Dmitry changed the task status from In progress to Backport candidate.May 26 2020, 5:47 PM
Dmitry added a project: Ready for Crux (1.2.x).

Successfully tested on 1.3-rolling-202005261512, propose to backport it to CRUX.

tjh added a subscriber: tjh.Jun 17 2020, 4:14 AM

For what little to no weight my opinion matters, I also agree that this should be backported to Crux.
As I've bashed my head into it testing :-)

c-po added a subscriber: c-po.Jun 17 2020, 5:20 PM

Feature now also in crux version ob libpam-radius.

c-po closed this task as Resolved.Jun 17 2020, 5:20 PM
c-po moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po edited projects, added VyOS 1.2 Crux (VyOS 1.2.6); removed Ready for Crux (1.2.x).
c-po changed Difficulty level from Unknown (require assessment) to Easy (less than an hour).
c-po moved this task from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.6) board.