Discussion:
Radius server - RFC 2865
Pete
2008-01-03 20:05:00 UTC
Hi,

I am trying to understand how the following attributes are used on the
Radius server. The description in the RFC is not clear on this.

Below is my view :-

NAS-IP-Address
The address provided in the NAS-IP-Address attribute is checked
against a user profile on the radius server. The check being: is this
user, with the IP address provided in "NAS-IP-Address", allowed to be
authenticated on this Radius server? Presumably, against the user
profile on the radius server, username, password and the IP address
fields can be configured.

This suggests that the IP address provided in "NAS-IP-Address" does
not have to be the same as the source IP address of our Client, as
long as the IP address configured for the user on the radius server
agrees with the value provided in NAS-IP-Address.

NAS-Identifier
This is a string to identify the client. The radius server will use
this string name to look up on a DNS to find the client IP address. As
with the NAS-IP-Address, the IP address returned by the DNS is used to
check if the user is allowed to be authenticated on the Radius server.

Could you please confirm or correct my understanding?

Thank you for your help.

Pete
S. Pidgorny <MVP>
2008-01-14 08:54:00 UTC
I thought those were RADIUS clients (i.e. wireless access points and
controllers) IP and DNS name...
--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

* http://sl.mvps.org * http://msmvps.com/blogs/sp *
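
An added example, not part of either post above: in RFC 2865 both NAS-IP-Address (type 4) and NAS-Identifier (type 32) are values the RADIUS client writes into the Access-Request, while the RFC requires the server to select the shared secret by the packet's source IP address, not by NAS-IP-Address. The sketch below parses a constructed Access-Request and reports the claimed identity next to the UDP source so a mismatch can be logged. The function names, addresses and hostname are assumptions made for illustration.

```python
import ipaddress
import struct

USER_NAME, NAS_IP_ADDRESS, NAS_IDENTIFIER = 1, 4, 32  # RFC 2865 attribute types
ACCESS_REQUEST = 1                                    # RFC 2865 packet code

def parse_attributes(packet: bytes) -> dict:
    """Return {type: [raw values]} for the attributes of an Access-Request."""
    if len(packet) < 20 or packet[0] != ACCESS_REQUEST:
        raise ValueError("not a complete Access-Request header")
    length = struct.unpack("!H", packet[2:4])[0]
    if not 20 <= length <= len(packet):
        raise ValueError("Length field does not fit the datagram")
    attrs, pos = {}, 20  # attributes start after the 16-octet Authenticator
    while pos < length:
        if pos + 2 > length:
            raise ValueError("truncated attribute header")
        a_type, a_len = packet[pos], packet[pos + 1]  # a_len counts its 2 header octets
        if a_len < 2 or pos + a_len > length:
            raise ValueError("bad attribute length")
        attrs.setdefault(a_type, []).append(packet[pos + 2:pos + a_len])
        pos += a_len
    return attrs

def nas_identity(packet: bytes, udp_source: str) -> dict:
    """Compare what the NAS claims in the packet with where the datagram came from."""
    attrs = parse_attributes(packet)
    nas_ip = nas_id = None
    if NAS_IP_ADDRESS in attrs:
        raw = attrs[NAS_IP_ADDRESS][0]
        if len(raw) != 4:
            raise ValueError("NAS-IP-Address must be 4 octets")
        nas_ip = str(ipaddress.IPv4Address(raw))
    if NAS_IDENTIFIER in attrs:
        nas_id = attrs[NAS_IDENTIFIER][0].decode("utf-8", "replace")
    return {"udp_source": udp_source,      # what selects the shared secret
            "nas_ip_address": nas_ip,      # claimed inside the packet
            "nas_identifier": nas_id,      # claimed inside the packet
            "source_mismatch": nas_ip is not None and nas_ip != udp_source}

def _attr(a_type: int, value: bytes) -> bytes:
    return bytes([a_type, len(value) + 2]) + value

# Constructed sample: zeroed Authenticator, no password attribute, documentation addresses.
_body = (_attr(USER_NAME, b"pete")
         + _attr(NAS_IP_ADDRESS, ipaddress.IPv4Address("192.0.2.10").packed)
         + _attr(NAS_IDENTIFIER, b"ap-lobby.example.net"))
SAMPLE = struct.pack("!BBH", ACCESS_REQUEST, 7, 20 + len(_body)) + bytes(16) + _body

if __name__ == "__main__":
    print(nas_identity(SAMPLE, "198.51.100.5"))
```

A mismatch is not an error by itself, since a request relayed by a RADIUS proxy arrives from the proxy's address; it only shows that the attribute is a claim made by the sender.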