[RADIATOR] Migration From Freeradius
Heikki Vatiainen
hvn at open.com.au
Tue Oct 25 05:16:30 CDT 2011
On 10/25/2011 01:27 AM, Jennyanydots Napoleon Shoehorn wrote:
Hello,
> My auth's mainly working but I need some general assistance getting the
> following working. Have started with the chilli-radmin.cfg file with
> some added enhancements.
>
> 1. Group check, including download limits, session timeouts etc.
Radmin has service profiles for grouping. Th
Note that
> 2. How to authenticate against a nas-id, not an ip. We need a shared
> secret per nas
Called-Station-Id MAC address is already supported. If you configure
your client like this <Client MAC:00-11-22-33-44-55> Radiator will try
to match this against Called-Station-Id in the incoming request.
The two formats for CSI are supported: separated by dashes (-) or
without separaters e.g.: 001122334455
If e.g. SSID is appended to the MAC address, it is ignored and does not
cause problems for matching the MAC.
> 3. Hunt group implementation - allow, disallow access per network
The Identifier in Client clause can be used as a hunt group identifier.
So if you configure multiple clients with the same Identifier, use
IdenticalClients or ClientListSQL, you can group NASes to groups under
the same Identifier.
For example:
<Client 10.2.3.4>
Identifier group1
IdenticalClients 10.2.3.5
</Client>
<Handler Client-Identifier=group1>
...
The handler would then be used for requests from 10.2.3.4 and 10.2.3.
Another alternative might be to use Client-Identifier value with AuthBy
SQL. The Client-Identifier would be part of AuthSelect SQL query values
when pulling data from the DB for the user.
> Sorry if this has been covered in the docs but I've been through and
> would really appreciate a couple of decent examples. Just need to get
> started!
>
> Thanks in advance
>
> J
>
>
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
--
Heikki Vatiainen <hvn at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
More information about the radiator
mailing list