Page MenuHomeVyOS Platform
Create Task
Maniphest T4040

RADIUS: NAS-ID configuration
Closed, WontfixPublicFEATURE REQUEST
Actions

Description

We use RADIUS as part of our AAA framework. When RADIUS is configured, the VyOS router uses an ID: sshd, which is not its ID but the process name that started the request.

I'd like to expose the feature to set the ID via the CLI.

Currently we're needing to manually change the ID via the /etc/radcli/radiusclient.conf file:

# RADIUS settings

# The name to be used to identify this NAS (server). If set it will
# be used in NAS-Identifier field and will override any such setting
# by the application.
#
#nas-identifier my-server-name

Basic RADIUS Config:

set system login radius server x.x.x.x key xxxx
set system login radius server x.x.x.x port 1812
set system login radius server x.x.x.x timeout 15
set system login radius source-address y.y.y.y

Currently Running:

Version:          VyOS 1.3.0-rc6
Release Train:    equuleus

Built by:         Sentrium S.L.
Built on:         Sun 22 Aug 2021 15:37 UTC
Build UUID:       965518de-857d-4e61-ab09-381aadf24eb1
Build Commit ID:  75b37b28b2e9ab

Architecture:     x86_64
Boot via:         installed image
System type:      bare metal

Details

Version
-
Is it a breaking change?
Unspecified (possibly destroys the router)

Event Timeline

showipintbri created this task.Dec 2 2021, 9:52 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.2); removed VyOS 1.3 Equuleus.Aug 14 2022, 1:05 PM
dmbaturin edited projects, added VyOS 1.3 Equuleus (1.3.3); removed VyOS 1.3 Equuleus (1.3.2).Aug 14 2022, 6:33 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.4); removed VyOS 1.3 Equuleus (1.3.3).Jul 12 2023, 9:47 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.5); removed VyOS 1.3 Equuleus (1.3.4).Aug 25 2023, 9:29 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.6); removed VyOS 1.3 Equuleus (1.3.5).Dec 17 2023, 11:36 PM
Viacheslav triaged this task as Low priority.Jan 20 2024, 10:34 AM
Viacheslav edited projects, added VyOS 1.5 Circinus; removed VyOS 1.3 Equuleus (1.3.6).
syncer closed this task as Wontfix.Oct 30 2024, 12:32 PM
syncer claimed this task.
syncer removed a project: VyOS 1.5 Circinus.
syncer subscribed.

There is no business case for this feature

stasonuu subscribed.Feb 18 2025, 3:01 PM

NAS-Identifier typically uses hostname in all network OS and devices that I have used. Since “VyOS - Open source router and firewall platform”, which refers to network OS or virtual routers, I think setting NAS-Identifier = hostname by default would be more native. As alternative making it possible to change the NAS-Identifier value via cli, something like that: set system login radius nas-identifier host-name

Viacheslav subscribed.Feb 18 2025, 4:40 PM

@stasonuu Feel free to create a PR
maintainers will take a look. thanks