Project

General

Profile

Bug #9738

Client IP address validation disallows CIDR notation

Added by Tom Whitwell 10 months ago. Updated 6 months ago.

Status:
Resolved
Priority:
Normal
Category:
FreeRADIUS
Target version:
-
Start date:
09/09/2019
Due date:
% Done:

100%

Estimated time:
Affected Version:
Affected Architecture:

Description

Hi,

As specified in the FreeRADIUS documentation, `ipaddr` can be supplied in CIDR format when defining clients:

https://networkradius.com/doc/3.0.10/raddb/syntax/data_ip.html

This is useful when deploying multiple APs from the same configuration - ie. Unifi.

The pfSense FreeRADIUS port does not accept a CIDR to be specified for a client:
https://github.com/pfsense/FreeBSD-ports/blob/9e832f613780e0128a45059a644de143adcd19e5/net/pfSense-pkg-freeradius3/files/usr/local/pkg/freeradius.inc#L4018

History

#2 Updated by Jim Pingle 6 months ago

  • Status changed from New to Pull Request Review

#3 Updated by Renato Botelho 6 months ago

  • Status changed from Pull Request Review to Feedback
  • Assignee set to Renato Botelho
  • % Done changed from 0 to 100

PR has been merged. Thanks!

#4 Updated by Viktor Gurov 6 months ago

  • Status changed from Feedback to Resolved

Renato Botelho wrote:

PR has been merged. Thanks!

tested on 2.5.0.a.20200119.2335 with freeradius30.15.7_9

works ok, I can see CIDR addresses in clients.conf and connect to radius from these ranges

Also available in: Atom PDF