(RADIATOR) Radiator Static and Dynamic IP's in the same realm

Danny Kruitbosch d.kruitbosch at rdc.nl
Tue May 22 01:11:01 CDT 2001 

Hi all,

We had the same kind of setup and solved it like this:

We have separate <AuthBy> for static and dynamic ip allocation, and 1
'main' AuthBy to check the username/password AND
the type of IP allocation (i.e. dynamic or static).

So the config looks something like this:

<AuthBy SQL>
    Indentifier Main
    AuthSelect PASSWORD, IPALLOCATOR from SUBSCRIBERS where
USERNAME='%n'
   AuthColumnDef 0, User-Password, check
   AuthColumnDef 1, Auth-Type, check
</AuthBy>

<AuthBy SQL>
  Identifier Static
  AuthSelect STATICADDRESS from SUBSCRIBERS where USERNAME='%n' (our DB
table has a field for the optional static address of the user)
  AuthColumnDef 0, Framed-IP-Address, reply
</AuthBy>

<AuthBy DYNADDRESS>
  Identifier Dynamic
  Allocator DynamicAllocator (defined somewhere else in the config...)
  MapAttribute yiaddr, Framed-IP-Address
</AuthBy>

<Handler>
  AuthBy Main
</Handler>

If you build a config in this way the authentication process will jump
to the Static or Dynamic 'allocators'. The IPALLOCATOR field contains
the name of the different identifiers (so 'Dynamic' or 'Static').

Hope this helps,

Good luck!

Danny Kruitbosch
RDC Datacentrum B.V.
The Netherland

On 17 May 2001 09:58:28 +1000, Hugh Irvine wrote:
> 
> Hello Kyle -
> 
> The first thing to note in your AuthColumnDef's below are your 
> attribute definitions. The standard Radiator dictionary defines the 
> following:
> 
> AuthColumnDef 2, Framed-IP-Address, reply
> AuthColumnDef 3, Framed-IP-Netmask, reply
> 
> Secondly, if you use a following AuthBy DYNADDRESS in your 
> configuration file, it will only allocate a dynamic address if the 
> above attributes are not already present in the reply. Therefore, if 
> your static customers have these attributes returned in the AuthBy 
> SQL, the AuthBy DYNADDRESS will do nothing. Conversely, if the 
> dynamic customers have nothing returned for those attributes, the 
> AuthBy DYNADDRESS will allocate an address for them.
> 
> There is an example configuration file demonstrating how to use the 
> AuthBy DYNADDRESS in the file "goodies/addressallocator.cfg".
> 
> regards
> 
> Hugh
> 
> 
> At 10:26 -0400 16/5/01, Kyle Hultman wrote:
> >Hi,
> >   I am using radiator, latest version, and I am trying to configure it
> >for use with our access servers. I have configured it to authenticate
> >from a mySql database, and it is running on RH Linux 7.0. We have a
> >large number of customers who have dedicated IP's, and a large numbers
> >of customers who are assigned an IP at the time of dialup. My mySql
> >Subscribers table looks like this:
> >
> >USERNAME,PASSWORD,ENCRYPTEDPASSWORD,CHECKATTR,REPLYATTR,STATUS,PROTOCOL,IPADDRESS,IPNETMASK,FRAMEDGROUP
> >
> >My AuthSelect statement looks like:
> >AuthSelect select PASSWORD, PROTOCOL, IPADDRESS, IPNETMASK from
> >SUBSCRIBERS where USERNAME='%n' and STATUS='A'
> >
> >AuthColumnDef 0, User-Password, check
> >AuthColumnDef 1, Framed-Protocol, reply
> >AuthColumnDef 2, Framed-Address, reply
> >AuthColumnDef 3, Framed-Netmask, reply
> >
> >I would like to able do both static and dynamic IP's from the same
> >realm, but I have yet to be able to figure this out. Does anyone have
> >any suggestions?
> >
> >--
> >Kyle Hultman
> >khultman at bnsi.net
> >===
> >Archive at http://www.open.com.au/archives/radiator/
> >Announcements on radiator-announce at open.com.au
> >To unsubscribe, email 'majordomo at open.com.au' with
> >'unsubscribe radiator' in the body of the message.
> 
> -- 
> 
> NB: I am travelling this week, so there may be delays in our correspondence.
> 
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
> Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
> 



-- 
----------------------------------------
              Danny Kruitbosch
             RDC Datacentrum B.V.
               Postbus 74707
             1070 BS Amsterdam
         tel.: +31 (0)20 549 7913
         fax.: +31 (0)20 661 1526
        e-mail: d.kruitbosch at rdc.nl
----------------------------------------

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list