(RADIATOR) dealing with one account in two ways
Hugh Irvine
hugh at open.com.au
Thu Mar 13 16:37:33 CST 2003
Hello Levent -
Its nice to hear from you - I hope everything is going well?
The problem with your first solution is the format of the user entry,
which should have all the check items on the first line and all the
reply items on the second and following lines with white space at the
beginning.
The problem with your second solution is that Realms are always
evaluated before Handlers, so your Handler will never be called. If you
want to use Handlers, you should only use Handlers.
I don't really have enough information on how you want to manage your
users, but you might want to try cascaded AuthBy's for this, so you can
keep all of your usernames and passwords in a single place.
# define AuthBy clause
<AuthBy FILE>
Identifier CheckPasswords
Filename %D/users
</AuthBy>
# define Realms
<Realm some.domain>
<AuthBy FILE>
Filename %D/special.users
AddToReplyIfNotExist Framed-IP-Address = n.n.n.n, \
Framed-IP-Netmask = m.m.m.m
AddToReply Service-Type = Framed-User, \
Framed-Protocol = PPP
</AuthBy>
.....
</Realm>
.....
The file "%D/special.users" would contain something like this:
# special.users
DEFAULT Auth-Type = CheckPasswords
user at some.domain Calling-Station-Id = 1111, Called-Station-Id = 2222,
Auth-Type = CheckPasswords
Framed-IP-Address = 213.61.190.162,
Framed-IP-Netmask = 255.255.255.255
anotheruser at some.domain .....
....
.......
The file "%D/users" would contain the usenames and passwords.
# users
user at some.domain Password = xxxxxx
anotheruser at some.domain Password = xxxxxxx
........
regards
Hugh
On Thursday, Mar 13, 2003, at 20:08 Australia/Melbourne, Levent
Sarikaya wrote:
>
> Hi Hugh and all,
>
> Using Radiator 3.5 we have a requirement to treat an user-account in
> two
> ways depending on clid and dialed-number/nas combination.
>
> Needed situation:
> user: levents pass:passx clid:1111 dialed:2222 ------> user should get
> a
> dedicated ip
> user: levents pass:passx clid:any dialed:2222 ------> user should get
> an ip from pool
> user: levents pass:passx clid:1111 dialed:any ------> user should get
> an ip from pool
> user: levents pass:passx clid:any dialed:any ------> user should get
> an ip from pool
>
> Has anyone done this or any hints?
>
> my tries:
>
> ver1:(1 user-file)
>
> user at domain Password = "XXXX", Service-Type = Framed-User
>
> user at domain Password = "XXXX", Calling-Station-Id = 1111,
> Called-Station-Id = 2222, Service-Type = Framed-User
> Framed-IP-Address = "213.61.190.162"
> Framed-IP-Netmask = "255.255.255.255"
>
>
> ver2:(radius.config and 2 user files)
>
> <Handler Client-Identifier = specialNAS, Calling-Station-Id = 1111>
> <AuthBy FILE>
> Filename %D/textfile_with_ip
> </AuthBy>
> </Handler>
>
> <Realm domain>
> <AuthBy FILE>
> Filename %D/textfile_without_ip
> </AuthBy>
> /Realm>
>
> but both didn`t work.
>
> --
> Levent Sarikaya
> IP Network Services SA
> Dial mailto:dialmaster at de.colt.net
> Technical mailto:levent at de.colt.net
> General mailto:levent.sarikaya at colt.de
>
> COLT TELECOM GmbH
> Herriotstr. 4
> D-60528 Frankfurt am Main
> Fon: +49 (0) 69 / 5 66 06 - 6719
> Fax: +49 (0) 69 / 5 66 06 - 6809
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>
NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list