[RADIATOR] Adding Class Attribute to access response
Ray-Andrew Reynolds
Ray-Andrew.Reynolds at digicelgroup.com
Tue Feb 17 04:30:05 CST 2009
Thanks Hugh, I will check out the rfc
-----Original Message-----
From: Hugh Irvine [mailto:hugh at open.com.au]
Sent: Tuesday, February 17, 2009 4:48 AM
To: Ray-Andrew Reynolds
Cc: radiator at open.com.au
Subject: Re: [RADIATOR] Adding Class Attribute to access response
Hello Ray-Andrew -
Radiator is a RADIUS server, which can be configured to authenticate
RADIUS access requests from RADIUS client devices (NAS) and reply with
either an access accept or an access reject.
In the case of an access accept, Radiator can also be configured to
return RADIUS reply attributes, including the Class attribute.
When returned in an access accept, the client device should include
the Class attribute in all subsequent accounting requests for the
session.
In your case, the Class attribute should be added to the access accept
in the AuthBy clause that is processing the request.
Something like this:
......
# Realm or Handler
<Handler ...>
<AuthBy ...>
.....
AddToReply Class = .....
</AuthBy>
</Handler>
.....
You should read the RFC for more information: "doc/rfc2865.txt".
hope that helps
regards
Hugh
On 17 Feb 2009, at 19:28, Ray-Andrew Reynolds wrote:
> All, I am fairly new to radiator, I am currently trying to add the
> Class
> AVP to an access request going back to our NAS server from my
> radiator
> client.
>
> Thus far I have been unable to do so, is there anyone who can assist ?
>
>
> This is what I have for the access request hook:
>
>
> <Client DEFAULT>
> Identifier xxxxx
> Secret xxxxxx
> IgnoreAcctSignature on
>
> AllowInReply Class, \
> Service-Type, \
> Framed-Protocol, \
> Framed-IP-Address, \
> User-Name
>
> DupInterval 0
> </Client>
>
>
> The information transmitted is intended only for the person or
> entity to which it is addressed and may contain confidential and/or
> privileged material. Any review, retransmission, dissemination or
> other use of, or taking of any action in reliance upon, this
> information by persons or entities other than the intended recipient
> is prohibited. If you received this in error, please contact the
> sender and delete the material from any computer.
>
>
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
NB:
Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive
(www.open.com.au/archives/radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
Have you checked the RadiusExpert wiki:
http://www.open.com.au/wiki/index.php/Main_Page
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
More information about the radiator
mailing list