I’m looking for someone to customize the FreeRADIUS code, or possibly configure a proxy.
I would like FreeRADIUS to check the Secret of incoming requests based upon the domain (derived from the username), instead of the IP address.
I would like to have the Secrets of each client loaded in a mySQL DB, listed with their Domain. So when a request comes in, I want freeradius to search and try to match the incoming client’s Domain (what’s after the @ in the username) with a Secret in the DB. I would use Called-Station-ID (MAC Address) instead of domain, but I’ve found not all include this in their requests.
I want to do this because some clients (Wi-Fi access points) will be behind NAT routers and I don't want the IP addresses involved in verifying the shared secret of incoming requests. Therefore, each NAT location can have more than one client. Plus so I don't have to keep freeradius updated with the dynamic IPs of the clients/NAT locations.
I asked questions on the freeradius mailing lists and they recommended two different solutions:
- Edit the code of the Dynamic Clients module
- Create and put a mini-proxy server in front of FreeRADIUS just to do all the shared-secret malarkey and then pass back to FreeRADIUS afterwards…using the following Perl module:
[url removed, login to view]~tpg/[url removed, login to view]
My budget is around $400 USD.
8 freelancers are bidding on average $431 for this job
I just looked at /etc/freeradius/[url removed, login to view] on one of the servers I am responsible for and am 99% sure that your requirements can be met by writing no code outside of some creative configuration in [url removed, login to view] and that you Lisää