(RADIATOR) Re: Multiple Calling-Station-Id

Ayotunde Itayemi aitayemi at metrong.com
Wed Aug 14 15:14:31 CDT 2002


Hi Hugh,
Thanks for the replies. I noticed a curious thing though I am not sure of exactly when it happened.
I changed one of the IP address pools defined in my <AddressAllocator SQL>  to the same name
as the identifier for a NAS. Below is the DYNAADDRESS clause I used for the Handler for the NAS.
The thing is that I suddenly noticed tonight that the Acct-Session-Id column for all the online users
are blank (from the radwho.cgi)?

Any idea what is wrong?
It's 9.15 P.M. here and I am getting out :-) Talk to you later 

Regards,
Tunde I.


<AuthBy DYNADDRESS>
        Identifier pattonIPADDRESSauth
        Allocator mySQLallocator

        PoolHint %{Client:Identifier}

#        PoolHint %{Reply:PoolHint}
        MapAttribute   yiaddr, Framed-IP-Address
        MapAttribute   subnetmask, Framed-IP-Netmask
        StripFromReply PoolHint
        DefaultSimultaneousUse 1
</AuthBy> 


----- Original Message ----- 
  From: Hugh Irvine 
  To: Ayotunde Itayemi 
  Cc: radiator at open.com.au 
  Sent: Wednesday, August 14, 2002 6:04 PM
  Subject: (RADIATOR) Re: Multiple Calling-Station-Id


  Hello Tunde -

  No - you can only have a single PoolHint - why do you want more?

  For your second question, you would do something like this:

  <Handler Client-Identifier = specialNAS, Calling-Station-Id = /^080[234]/>
  # deal with the requests
  ......
  </Handler>

  <Handler Calling-Station-Id = /^080[234]/>
  # reject calls to other NAS's
  <AuthBy INTERNAL>
  DefaultResult REJECT
  </AuthBy>
  ......
  </Handler>

  regards

  Hugh


  On Thursday, August 15, 2002, at 02:50 AM, Ayotunde Itayemi wrote:


    Hi Hugh,
     
    I assume I can have multiple  PoolHint %{Client:Identifier}  in a single <AuthBy DYNADDRESS> clause?
    Secondly, how do I restrict the special NAS to ONLY answer requests from clients with the mobile phone addresses
    I have mentioned?
    I thought of using <Calling-Station-Id =/^080[234]/>    but what stops the client from dialing into some of
    my other NASes? Is there some way to negate the HANDLER attributes? Something like:
     
    <Handler Client-Identifier = specialNAS, (NOT)Calling-Station-Id =/^080[234]/>
     
    Regards,
    Tunde I.
     

    ----- Original Message -----
    From: Hugh Irvine
    To: Ayotunde Itayemi
    Cc: radiator at open.com.au
    Sent: Wednesday, August 14, 2002 12:36 PM
    Subject: Re: Multiple Calling-Station-Id

    Hello Tunde -

    For your second point, you would do something like this:

    # define Clients with Identifiers

    <Client 1.2.3.4>
    Identifier PoolTag
    ....
    </Client>

    .....

    # define AuthBy DYNADDRESS

    <AuthBy DYNADDRESS>
    Identifier AllocateIPAddress
    ....
    PoolHint %{Client:Identifier}
    .....
    </AuthBy>

    .......


    For your first point, you could also use something like this:

    <Handler Client-Identifier = specialNAS, Calling-Station-Id =/^080[234]/>

    The above says "080" at the start of the string, followed by 2 or 3 or 4, followed by anything.

    As always, you should test such Handlers and regular expressions thoroughly.

    regards

    Hugh


    On Wednesday, August 14, 2002, at 07:31 PM, Ayotunde Itayemi wrote:

    Hi All,
     
    I have a similar problem to Micheal's (see inquiry)
    If my understanding is correct, that user cannot connect under any circumstance
    to any other NAS on the network?
    I require a little more flexibility in that the user should ONLY be restricted to a particular
    NAS if he uses a special (GSM) number. The numbers are of the form 0802xxxxxxx OR
    0803xxxxxxx OR 0804xxxxxxx (where xxxxxxx is any sequence of 7 digits)
     
     
    I was thinking of a special HANDLER clause for them.
    I guess I would need something like
     
    <HANDLER Client-Identifier = specialNAS, Calling-Station-Id=/0802xxxxxxx|0803xxxxxxx|0804xxxxxxx/ >
     
    </HANDLER>
     
    Would this work?
     
    Also, how can I associate a pool of IPs with a particular NAS. The purpose is to allow me to
    leave out the poolhint attribute from the record of each user in my database. This should
    allow the allocation of IPs based on the NAS rather than the user.
     
     
    Regards,
    Tunde Itayemi.

    --
    Radiator: the most portable, flexible and configurable RADIUS server
    anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
    -
    Nets: internetwork inventory and management - graphical, extensible,
    flexible with hardware, software, platform and database independence.



  -- 
  Radiator: the most portable, flexible and configurable RADIUS server
  anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
  -
  Nets: internetwork inventory and management - graphical, extensible,
  flexible with hardware, software, platform and database independence.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20020814/01df7e72/attachment.html>


More information about the radiator mailing list