[RADIATOR] : Problems adding Dynamic Reply-Item Framed-IP-Address with AuthBy FREERADIUSSQL
Hugh Irvine
hugh at open.com.au
Mon Apr 26 17:54:47 CDT 2010
Hello Carlos -
If the Framed-IP-Address is present in the incoming access request, you just need this in your AuthBy:
# define Realm or Handler
<Handler .....>
<AuthBy .....>
......
AddToReply Framed-IP-Address = %{Request:Framed-IP-Address}
</AuthBy>
</Handler>
regards
Hugh
On 27 Apr 2010, at 03:09, Carlos Rodrigues wrote:
> Hi,
>
> I’m not able to use a dynamic Reply Item for the Framed-IP-Address AVP, while using AuthBy FREERADIUSSQL.
>
> I’m trying to create an Access-Accept response containing the Framed-IP-Address AVP, getting its value from the Access-Request packet.
>
> · In the Handler setup I have:
> DynamicReply Framed-IP-Address
>
> · In the Reply-Items SQL table I have:
>
> Id;username;attribute;op;value
> 1;"myUser";"Framed-Protocol";"+=";"PPP"
> 2;"myUser";"Service-Type";"+=";"Framed-User"
> 3;"myUser";"Framed-IP-Address";"+=";"%{Framed-IP-Address}"
>
>
> · When issuing an access-request to this specific user, the server shows:
>
> *** Sending to 10.112.48.185 port 34610 ....
>
> Packet length = 34
> 02 de 00 22 14 c3 f5 1a 1b a5 d8 eb 35 9c b5 c0
> 06 19 0d 40 08 02 07 06 00 00 00 01 06 06 00 00
> 00 02
> Code: Access-Accept
> Identifier: 222
> Authentic: <20><195><245><26><27><165><216><235>5<156><181><192><6><25><13>@
> Attributes:
> Framed-IP-Address = %{Framed-IP-Address}
> Framed-Protocol = PPP
> Service-Type = Framed-User
>
> · And the client shows:
>
> Mon Apr 26 18:01:42 2010: DEBUG: Packet dump:
> *** Received from 10.112.48.185 port 1812 ....
> Code: Access-Accept
> Identifier: 222
> Authentic: <20><195><245><26><27><165><216><235>5<156><181><192><6><25><13>@
> Attributes:
> Framed-IP-Address = UNKNOWN
> Framed-Protocol = PPP
> Service-Type = Framed-User
>
> OK
>
>
> So, it seems that the format_special is not being called for the Framed-IP-Address AVP.
> After digging a bit in the AuthGENERIC.pm, I found an explicit exception in the appendUserReplyItems method, where this specific AVP is being ignored:
>
> Line 2145: next if $name eq 'Framed-IP-Address';
>
> Any special reason for this?
> Is there an alternate method for accomplishing the purpose of setting a Framed-IP-Address Reply-Item value from the original Access-request Framed-IP-Address AVP?
>
>
> Thanks in advance,
>
>
> <image001.jpg>
>
>
>
> Carlos Rodrigues
> Soluções para Redes de Dados
> Desenvolvimento de Plataformas de Rede e Soluções Multimédia
> tlf: 234403398
> carlos-j-rodrigues at ptinovacao.pt
>
>
>
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
NB:
Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
More information about the radiator
mailing list