I just noticed that all RADIUS requests listed in my audit log show the local server’s IP and not the IP of the remote system making the radius request. If I look in the freeradius logs, I see RAD_REQUEST attributes…is it possible to pass that information to PrivacyIDEA for audit logging or policy processing?
The IP is passed, but usually privacyIDEA ignores it.
You must define, “which client is allowed to pass another client IP”.
In this case, your FreeRADIUS server.
See https://privacyidea.readthedocs.io/en/latest/configuration/system_config.html#override-authorization-client