(RADIATOR) DHCP allocation question.

Hugh Irvine hugh at open.com.au
Thu Jul 22 03:06:12 CDT 2004 

Hello Roland -

Yes I will need to see a trace 4 debug from Radiator showing what is 
happening.

A tcpdump showing the DHCP requests would also be useful.

regards

Hugh


On 21 Jul 2004, at 21:25, Roland van Hout wrote:

>
> Hi everybody,
>
> Here at Tilburg University we try to do the following.
> Have a vpn server authenticate via Radiator.
> Have Radiator pick up an ip address from a certain pool from a dhcp 
> server (dhcp3 from isc)
> In the dhcp config I have:
> --
> shared-network uvt-vpn {
>     subnet 10.11.12.13 netmask 255.255.255.255 { allow 
> unknown-clients; }
>     subnet 10.56.80.0 netmask 255.255.248.0 { allow unknown-clients; }
>         option subnet-mask 255.255.248.0;
>         option broadcast-address 10.56.87.255;
>         option routers 10.56.80.1;
>          pool {
>            max-lease-time 14400;
>            range 10.56.80.10 10.56.87.254;
>          }
> }
> --
> In the Radiator config I have (pertaining to dhcp):
> --
> <AddressAllocator DHCP>
>         Identifier dhcpallocator
>         Host 10.56.247.11
>         DHCPClientIdentifier VPN
>         UserClass %{Client:Identifier}
>         # Subnet Selection Option
>         # Now defined in RFC 3011 to be 118.
>         # Earlier versions of the ISC DHCP server
>         # used the unofficial option 211.
>         SubnetSelectionOption 118
>         #SubnetSelectionOption 211
> </AddressAllocator>
> --
> And the corresponding AuthBy:
> --
>                 <AuthBy DYNADDRESS>
>                         AddressAllocator dhcpallocator
>                         PoolHint 10.11.12.13
>                         StripFromReply PoolHint
>                 </AuthBy>
> --
>
> I use Radiator 3.9 and dhcp3-3.0+3.0.1rc14 both on different Debian 
> woody (stable) systems.
> What's happing is the following, the dhcp discover is sent, but the 
> dhcp offer is sent without the subnet selection info as it was filled 
> in the discover.
> Then Radiator sends a dhcp request and the dhcp server says lease not 
> available and sends a dhcp nak.
>
> Basically I'm testing with Radiator's radius test client (in gui mode) 
> from the Radius server to the dhcp server, I'm thinking if I cannot 
> get that to work why try the vpn server as a radius client.
>
> What I would need is an example config for the dhcp server (I think) 
> maybe some
> tips on the radiator config and testing.
>
> Do you need logs or whatever just drop me a line.
>
> Thanx
> Roland
> -- 
> Roland van Hout					ITS Infrastructure & Development
> R.P.vanHout at uvt.nl            			Unit: Unix
> Tel: +31 13 4663035				Fax: +31 13 4663189
> kamer CZ218                                   	aanwezig: ma-vr
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list