(RADIATOR) User auths if in the users file only?

Karl Gaissmaier karl.gaissmaier at rz.uni-ulm.de
Wed Jul 10 14:25:47 CDT 2002 

Hi Chris,

chris schrieb:
> 
> > This was where the problem was.....thier setup did not follow this
> standard
> > and was trying to
> > assign 255.255.255.254 as the IP *sigh*
> >
> This leads me to a questions. I have a mix of nas servers that I need to use
> on the same radius
> server. One needs the Framed-IP-Address = 255.255.255.254  attribute and one
> needs *nothing*
> sent.

what NAS's do you have? Are they not able to configure them with
dynamic ip address pools and you specify in the reply items just
from which ip pool they shall spent an ip address?

See the following axample for my ascends (in the users file):

pools-foo Password = "ascend", Service-Type = Outbound-User
        Ascend-IP-Pool-Definition = "1 10.0.0.1 254"
...
...
DEFAULT Service-Type = Framed-User, Auth-Type = System
        Framed-Protocol = MP,
        Framed-IP-Netmask = 255.255.255.255,
        Framed-Routing = None,
        Idle-Timeout = 1800,
        Session-Timeout = 43200,
        Ascend-Assign-IP-Pool = 1,
        Ascend-Source-IP-Check = Source-IP-Check-Yes,
        Ascend-Link-Compression = Link-Comp-MS-Stac

here you see Ascend-Assign-IP-Pool = 1, as defined in the same
users file and the Ascend NAS fetches this after reboot or with
a special remote config refresh.

Anyway, you should spent an Idenifier in the Client Clause like:

<Client foo.bar.baz>
        Identifier              foo
        Secret mysecret
</Client>

<Client yep.bar.baz>
        Identifier              yep
        Secret mysecret
</Client>

and then you can sezup different handlers for the different
Clients with different users file:

<Handler Client-Identifier=foo>
        <AuthBy FILE>
                Filename                foo-users
        </AuthBy>
</Handler>

<Handler Client-Identifier=yep>
        <AuthBy FILE>
                Filename                yep-users
        </AuthBy>
</Handler>

or you use just one handler and fifferntiate in teh single users file like:

DEFAULT Service-Type = Framed-User, Auth-Type = System, Client-Identifier = foo
 foo reply items ....

DEFAULT Service-Type = Framed-User, Auth-Type = System, Client-Identifier = yep
 yep reply items ....

Hope this helps

Regards
	Charly
-- 
Karl Gaissmaier          Computing Center,University of Ulm,Germany
Email:karl.gaissmaier at rz.uni-ulm.de          Network Administration
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list