(RADIATOR) DNS Assignment via Radius

Hugh Irvine hugh at open.com.au
Wed Nov 19 16:09:13 CST 2003 

Hello Derek -

Whatever attributes you send in the access accept must be defined in 
the Radiator dictionary.

The standard Radiator dictionary defines this:

VENDORATTR      9       cisco-avpair                    1       string

Note the spelling in all lower case.

It is used like this:

	cisco-avpair = "ip:dns-servers = 207.164.80.136"

Note the use of quotes.

BTW - you should also be able to use the Ascend vendor specifics:

	Ascend-Client-Primary-DNS = x.x.x.x
	Ascend-Client-Secondary-DNS = y.y.y.y

You should do some more testing to make sure this works correctly.

regards

Hugh


On 20/11/2003, at 8:43 AM, Derek Buttineau wrote:

> I've read through the list and as well read a few cisco documents that 
> this should be accomplishable by sending a cisco-avpair command to set 
> the DNS server for the remote client.  I can see the avpair being 
> sent, or at least appearing to be being sent in a trace:
>
> Code:       Access-Accept
> Identifier: 160
> Authentic:  <253><13><209>6#)<188>=HZGs<244>;i.
> Attributes:
> Service-Type = Framed-User
> Framed-Protocol = PPP
> Cisco-AVPair = ip:dns-servers = 207.164.80.136
>
> Not sure if I'm missing anything but when I run a debug on the cisco, 
> I see the service-type reaching it and the framed-protocol but don't 
> see the avpair anywhere and the client doesn't get the dns server.
> 4w1d: AAA/ATTR(00000000): add attr: 64BE8D20 0 00000001 
> service-type(245) 4 Framed
> 4w1d: AAA/ATTR(00000000): add attr: 64BE8D34 0 00000001 
> Framed-Protocol(62) 4 PPP
>
> Am I missing something completely?  Or am I totally off base?  Any 
> suggestions would be greatly appreciated.
>
> -- 
> Regards,
>
> Derek Buttineau
> Compu-SOLVE Internet Services
>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list