[RADIATOR] Dynamic Address Allocation

Thomas Kurian thomas at kccg.com
Sun May 8 08:57:13 CDT 2016


Hi Support,

For dynamic address allocation , if you can
please help me by advising steps to implement addressallocator.cfg as we
have decided to use sql as address backend. Please advise the sql
database structure radpool and radonline tables. We want to assign ip
address to client machines based on their username, password and
hostname. Our requirement is to map Username/Hostname to assigned its
respective client ip address.

Following is our radius.cfg for your kind review :-

#Foreground
#LogStdout

AcctPort 1813
AuthPort 1812

BindAddress 0.0.0.0

LogDir        /var/log/radius
DbDir        /etc/radiator
DictionaryFile /etc/radiator/dictionary

# User a lower trace level in production systems:
Trace         4

# You will probably want to add other Clients to suit your site,
# one for each NAS you want to work with
<Client DEFAULT>
     Secret    archies
     DupInterval 0
</Client>


<Client 172.16.0.229>
         Secret  archies
         Identifier FW1
         DupInterval 0
</Client>


<AuthLog FILE>
     Identifier myauthlogger
     Filename %L/authlog
     LogSuccess 1
     LogFailure 1
</AuthLog>

<Handler Request-Type=Access-Request,Client-Identifier=FW1>
         <AuthBy FILE>
                 Filename %D/users
         </AuthBy>
         # Log accounting to a detail file
         AcctLogFileName %L/detail

PostAuthHook file:"/etc/radiator/wgetmagic.pl"

</Handler>

# This is where we authenticate a PEAP inner request, which will be an
# EAP request. The username of the inner request will anonymous by
# default, although the identity of the EAP request will be the real
# username we are trying to authenticate.
<Handler
Request-Type=Access-Request,Client-Identifier=NETGENIE,TunnelledByPEAP=1>
     Identifier EAP-MSCHAP-V2
     <AuthBy FILE>
         Filename %D/users

         # This tells the PEAP client what types of inner EAP requests
         # we will honour
         EAPType MSCHAP-V2
     </AuthBy>

     # Log authentication success and failure to the a file
     AuthLog myauthlogger

     PostAuthHook
file:"/root/Desktop/Radiator-installer20-3-2016/Radiator-Locked-4.16/goodies/eap_anon_hook.pl"
</Handler>

<Handler Client-Identifier=NETGENIE>
     Identifier EAP-PEAP
     <AuthBy FILE>
         Filename %D/users

         EAPType PEAP

         EAPTLS_CAFile %D/certificates/demoCA/cacert.pem

         EAPTLS_CertificateFile %D/certificates/cert-srv.pem
         EAPTLS_CertificateType PEM

         EAPTLS_PrivateKeyFile %D/certificates/cert-srv.pem
         EAPTLS_PrivateKeyPassword whatever

         EAPTLS_MaxFragmentSize 1000

         AutoMPPEKeys

         EAPTLS_PEAPVersion 0

     </AuthBy>

     # Log authentication success and failure to the a file
     AuthLog myauthlogger

PreProcessingHook
file:"/root/Desktop/Radiator-installer20-3-2016/Radiator-Locked-4.16/goodies/eap_anon_hook.pl"
     AcctLogFileName %D/detail
</Handler>



-- 
Best Regards,

Thomas Kurian








More information about the radiator mailing list