(RADIATOR) Simple Config please

Ayotunde Itayemi aitayemi at metrong.com
Wed Jun 19 11:57:42 CDT 2002 

Hi All, Hi Hugh,

Okay I have a few questions.
My set up is as follows:
1. 3 Patton RAS servers with 30 e1 phone numbers (e.g., 5556666) each (each also has an IP address)
2. 3 VPN servers (win2K)
3. several "generic little" RAS servers handing out a few IPs each
4. IP addresses come in three pools (at least), one called 192.168.10.0 - for email-only clients,
    a.b.c.0, d.f.e.0 for regular-full-internet-access clients.
5. IPASS (both ways) - as client (my users getting access from IPASS network when roaming)
    and server (granting roaming IPASS clients Internet access)

I intend to utilize a database for the address allocation.
Please can you look at the following skeletal config file and tell me if anything is seriously wrong.
Please note that I have removed quite a lot of stuff from the different clauses.
My intention is to: authenticate users against an Oracle Db, assign them IP addresses, and if
they are roaming IPASS users, authenticate them against a remote IPASS radius server.
HOW do I group RAS servers (clients) so that I can use a single Handler for say 3 RAS,
another for a group of 4 other RAS clients etc.

Regards,
Tunde Itayemi.
=====================================================================
<SessionDatabase SQL>
 Identifier SDB1
 DBSource dbi:Oracle:radius00
 DBUsername  radiusgold
 DBAuth   radiusgold
</SessionDatabase>
# =======================================================
<AddressAllocator SQL>
        Identifier mySQLallocator
        <AddressPool pool1>
        </AddressPool>
        <AddressPool pool1>
        </AddressPool>
</AddressAllocator>
# =================== CLIENTs   =================================
<Client k.k.k.a>
        Secret my-secret
        Identifier virus1
</Client>
<Client a.b.c.d>
</Client>
<Client a.b.c.e>
</Client>
<Client a.b.c.f>
</Client>
<Client d.d.d.d>
</Client>
<Client d.d.d.d>
</Client>
<Client a.b.c.d>
</Client>
=================== AUTH BYs =============================
<AuthBy SQL>
</Auth>
<AuthBy DYNADDRESS>
 Identifier myIPADDRESSauth
 Allocator mySQLallocator
 PoolHint %{Reply:PoolHint}
 MapAttribute   yiaddr, Framed-IP-Address
 MapAttribute   subnetmask, Framed-IP-Netmask
 StripFromReply PoolHint
</AuthBy>
=================== HANDLERs   ===========================
<Handler Client-Identifier=virus1>
 AuthByPolicy ContinueWhileAccept
# remove @domain-name
 RewriteUsername s/^([^@]+).*/$1/
 SessionDatabase SDB1
 AuthBy mySQLauth
 AuthBy myIPADDRESSauth
</Handler>

<Handler Client-Identifier=RAS21>
 AuthByPolicy ContinueWhileAccept
# remove @domain-name
 RewriteUsername s/^([^@]+).*/$1/
 SessionDatabase SDB1
 AuthBy mySQLauth
 AuthBy myIPADDRESSauth
</Handler>

<Handler>
 # default handler should do for all other requests, 
including domains that are IPASS + all unknown domains
<AuthBy RADIUS>
# for IPASS to authenticate roaming server
<Host d.d.d.c>
</Host>
<Host d.d.d.e>
</Host>
</AuthBy>
</Handler>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20020619/57a3b27e/attachment.html>

More information about the radiator mailing list