Hi.
We are trying to work through a potential security issue at the moment.
We have several types of services, some we assign IP addresses to via
Radiator and some do dynamic IP (depending on the NAS).
So we have configured radiator with some customers that have IP addresses
and some that do not and this seems to work fine. When the customer calls
in they either get assigned:
a: The IPaddress which has been allocated to them via radiator.
b An IP address from a pool we have set.
However the problem appears to be that a customer who has no IP assigned
can call the server which requires a fixed IP. He will normally then get
the IP of 10.10.10.1. However if they give themselves an IP and then
dialin the NAS will accept whatever IP that they supply, and as long as it
will route them then they are away.
Is there any way we can stop this and force the user to use the IP that we
assign them via radius or a pool or is this something we need to configure
on the NAS? We use Ascend TNT, Max and Cisco 2100s.
Any advice appreciated.
Cheers
John
--
John Vorstermans || As the mind, so the man;
Actrix Networks Limited || bondage or liberation are in
Level 1, 282 Wakefield St, Wellington NZ || your own mind.
Phone (021) 432-987 || Sanskrit saying.
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
