(RADIATOR) Config possibilities?

Faisal Imtiaz Faisal at Snappydsl.net
Tue Feb 13 11:02:10 CST 2007 

 
Now, you are making me think hard. -:)

ACL filters are passed on as extended attributes, part of the user config.

If you are using txt file for user login/password, then they would look
something like as such:-
	user2		Password = "test"
			Service-Type = Framed,
			Framed-Protocol = PPP,
			Framed-IP-Address = 2.1.1.2,
			Filter-Id = "in:block-in"
			Filter-Id = "out:block-out"

This above example is for the Redback SMS router.

Look in your Ascend Manuals for the Appropriate attributes for the ACL list,
and then make sure that you have the dictionary file loaded in Radiator.
Based upon the exact name the filter/ACL attribute is called in the
dictionary, then you can use it to pass on the NAS via the user config for
that particular user.

Pretty much the same way as you would pass on a framed-route or even DNS
settings, the ACL filter is just another attribute, (You will have to find
the exact one, from the Ascend documentation) and then pass that on via the
user record.

I hope that this makes sense. It is a bit screwy to understand if you are
dealing with this for the first time.



Regards.


Faisal Imtiaz
Computer Office Solutions Inc. /SnappyDSL.net
Ph: (305) 663-5518 
-----Original Message-----
From: joeri.scapicchio at kbclease.be [mailto:joeri.scapicchio at kbclease.be] On
Behalf Of ITI at kbclease.be
Sent: Tuesday, February 13, 2007 11:13 AM
To: Faisal Imtiaz; radiator at open.com.au
Cc: ITI at kbclease.be
Subject: RE: (RADIATOR) Config possibilities?

Hi,

Thanks for the response.

We where indeed wanted to use some ACL filters on the RAS box. I was however
not shure that the radius server could pass the ACL attributes to the RAS.
You mention that it is possible, can you give us the config option used to
push this kind of attributes cause I was reading the open radiator manual
but could not find the options that we need to use for this kind of setup.

"Faisal Imtiaz" <Faisal at Snappydsl.net> wrote on 13/02/2007 16:37:31:

>
> Hello.
>
> You could accomplish this very easily by using ACL (Access Control 
> List) filters.
> All NAS/RAS  boxes allow for assignment of ACL filters as part of the
User
> authentication setup.
> And yes, you can pass those attributes via Radius, to the NAS box,
>
> Regards
>
> Faisal Imtiaz
> Computer Office Solutions Inc. /SnappyDSL.net
> Ph: (305) 663-5518
> -----Original Message-----
> From: owner-radiator at open.com.au [mailto:owner-radiator at open.com.au] 
> On Behalf Of ITI at kbclease.be
> Sent: Tuesday, February 13, 2007 9:19 AM
> To: radiator at open.com.au
> Subject: (RADIATOR) Config possibilities?
>
>
> Hi,
>
> We are examinating some possibilities of our open radiator server.
>
> We are using the radiator server for authentication of dial-in 
> sessions
into
> our network as discribed below. But as you see we want to restrict the 
> access for certain users.
> Is there a way to configure the radiator server in order to achieve 
> our
goal
> also discribed below.
>
> Our setup:
> We have a Ascend Max dialin routing device attached to our network. 
> This device will accept a dial-in call from a remote user and will 
> send authentication request with username and passworde to a server in 
> our network running open Radiator. If authentication is accepted the 
> Ascend
Max
> will accept the connection with the dial-in user and a IP link with 
> our network is setup between the Ascend Max and the remote user.
>
> Our problem:
> We would like to restrict access for certain users.
> For example if user X dials in he may only access our mailserver If 
> user
Y
> dails in he hass full access on our network.
>
> Thanks in advance.
>
> Best regards
> Disclaimer.
> This e-mail and any attached files are confidential and may contain 
> information which is protected by intellectual property rights.If you 
> are not the addressee named above any disclosure, reproduction, 
> copying, communication or distribution, of this e-mail is 
> prohibited.Please notify the sender and destroy this e-mail.This 
> e-mail does not contain any professional advice and does not 
> constitute an offer regarding any financial, banking, insurance or 
> other product service toward the addressee.If you like to obtain 
> specific information, professional
advice,
> an offer, or want to contract you have to contact the KBC company
mentioned
> above, its branch or agent.
>
> The integrity, security, completeness, correctness, timeliness of this 
> message cannot be guaranteed, and may be subject of corruption, 
> interception, unauthorized amendments, delay or interruption, for 
> which
we
> accept no liability.
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au To unsubscribe, email 
> 'majordomo at open.com.au' with 'unsubscribe radiator' in the body of the 
> message.
>
>

Disclaimer.
This e-mail and any attached files are confidential and may contain
information which is protected by intellectual property rights.If you are
not the addressee named above any disclosure, reproduction, copying,
communication or distribution, of this e-mail is prohibited.Please notify
the sender and destroy this e-mail.This e-mail does not contain any
professional advice and does not constitute an offer regarding any
financial, banking, insurance or other product service toward the
addressee.If you like to obtain specific information, professional advice,
an offer, or want to contract you have to contact the KBC company mentioned
above, its branch or agent.

The integrity, security, completeness, correctness, timeliness of this
message cannot be guaranteed, and may be subject of corruption,
interception, unauthorized amendments, delay or interruption, for which we
accept no liability.



--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list