Radius Client IP passthrough to PI (from FreeRadius)

I’m using PI with the FreeRadius plugin, and would like to do client filtering on some policies.

When running my tests, it looks like PI reads all of the Client IP’s as the FreeRadius server IP, but not the Radius Client IP. Is this expected behavior?

Use case: using PI as Radius OTP (so only need the OTP portion) for one application. Other credentials (domain login) are handled in a separate process. However, I’d like to have policies apply to auth requests from this one client, not necessarily that FreeRadius is passing to PI.

Thanks for the tip. Turns out my FreeRadius virtual server was mostly using the supplied PI-only site configs. Needed to add the “preprocess” module to the authorization phase before all of the settings took effect.

1 Like