(RADIATOR) Radiator and Tagged L2TP attributes

Mike McCauley mikem at open.com.au
Sat Mar 16 21:57:48 CST 2002 

Radiator 3.0 will support tagged tunnel attributes with a similar syntax to 
Onno's suggestion

eg:

tunnel-assignment-ID=1:ISP
tunnel-server-endpoint=1:192.168.100.1
tunnel-type=1:l2tp
tunnel-medium=1:ip
tunnel-assignment-ID=2:ISP
tunnel-server-endpoint=2:192.168.100.2
tunnel-type=2:l2tp
tunnel-medium=2:ip

The 3.0beta currently available in the Radiator download area now contains 
that support.

Cheers.


>>>>>>>>>>>>>>>>>>>>>>>>>>>
Hello Onno,

On Wed, 31 Oct 2001 02:35, Hugh Irvine wrote:
> Hello Onno -
>
> How nice to hear from you - hope everything is going well?
>
> I have copied this to Mike to ask him to have a look at if for you.
>
> regards
>
> Hugh
>
> >Hi All,
> >
> >I am trying to send tagged tunneling attributes with radiator and having
> >some problems. I have read the FAQ/manual as per
> >"40. Does Radiator support the IETF Radius Tunnelling attributes? Yes.
> > There are a few tricks to using them though. " but this does not help me.
> > I need to be able to send (several other radius servers support this,
> > before you ask) sending arbitrary tunneling attributes with arbitrary
> > tags. Your FAQ suggests that all tags should be zero - this is not so.
> >
> >The profile I want to send is like this, (using 1: to denote a tag of 1 on
> >that attribute as per certain other radius's syntax)
> >
> >tunnel-assignment-ID=1:"ISP"
> >tunnel-server-endpoint=1:"192.168.100.1"
> >tunnel-type=1:l2tp
> >tunnel-medium=1:ip
> >tunnel-assignment-ID=2:"ISP"
> >tunnel-server-endpoint=2:"192.168.100.2"
> >tunnel-type=2:l2tp
> >tunnel-medium=2:ip
> >
> >I simplified this out for testing to just one endpoint definition, with
> > just one tag value, i.e.
> >
> >tunnel-assignment-ID=1:"ISP"
> >tunnel-server-endpoint=1:"192.168.100.1"
> >tunnel-type=1:l2tp
> >tunnel-medium=1:ip
> >
> >The syntax for how to express this in a radiator config is file is where I
> >am having problems. I tried using this radiator config:
> >
> >tunnel-assignment-ID="\001ISP"
> >tunnel-server-endpoint="\001192.168.100.1"
> >tunnel-type=\001l2tp
> >tunnel-medium=\001ip
> >
> >the first two string attributes come out tagged with "1" as expected, they
> >work. The second two integer ones get screwed up because radiator appears
> > to treat the \001 as part of the value, can't look it up in the lookup
> > table, and ends up sending a value of zero with a tag of zero (which is
> > useless, and breaks the tunnel setup). If I define them without the \001
> >in front, they get sent untagged by radiator, which still breaks the
> > tunnel setup as its getting some attributes with a 0 tag and some with a
> > 1.
> >
> >basically what it comes down to is that I cannot work out how, in the
> >radiator configuration file, to configure a user radius profile to have
> >non-zero tagged values of the tunnel-type and tunnel-medium attributes,
> > and thus cannot get tagged tunneling to work properly. I've guessed
> >at/experimented with various ways I thought you might have implemented the
> >configuration of non-zero tags, couldn't get any to work.

The only way to set up tagged integer attributes right now is to manually 
mask in the tag and the attribtue value (tagged attribtues are 32 bit 
integers with the most significant octet used as the tag.

eg the equivalent of 
tunnel-type=1:l2tp
tunnel-medium=1:ip
with the Radiator dictionary would be 
Tunnel-Type=16777219,
Tunnel-Medium-Type=16777217

Of course, this is clumsy at best.
We hope to have a much better system, similar to common practice, in the next 
release.

Cheers.

> >
> >regards,
> >
> >
> >Onno
> >
> >===
> >Archive at http://www.open.com.au/archives/radiator/
> >Announcements on radiator-announce at open.com.au
> >To unsubscribe, email 'majordomo at open.com.au' with
> >'unsubscribe radiator' in the body of the message.
-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985                       Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc 
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list