On Wed, 21 Aug 2002, rakesh jha wrote:
> Hello Radius Gurus,
>
> I need your help. I have just downloaded and installed freeradius 7 with
> rlm_ippool. I have following situation:
> We have defined an ip pool on Cisco 5300 from x.x.x.195 to x.x.x.254 with
> mask 255.255.255.192.
> We want IP from x.x.x.195 to x.x.x.214 statically to the privilege dial-in
> users and IP from x.x.x.215 to x.x.x.254 dynamically to other normal users.
> For normal users duplicate users ID is allowed.
Why not just define an IP pool in the 5300 from x.x.x.215 to x.x.x.254 and just
add a reply item of
Framed-IP-Address = 255.255.255.254 in the normal user entries. There's no real
reason in using the ippool module.
If you have more than one IP pools in your 5300 you could also send back a cisco
avpair like this:
Cisco-AVPair := "ip:addr-pool=my_pool_name"
Hope it helps
--
Kostas Kalevras Network Operations Center
[EMAIL PROTECTED] National Technical University of Athens, Greece
Work Phone: +30 10 7721861
'Go back to the shadow' Gandalf
>
> To achieve this I am doing following.
>
> 1. In radiusd.conf I have added following:
> usercollide = yes
> compat = cistron
>
> Ippool {
> Range-start = x.x.x.215
> Range-stop = x.x.x.254
> Netmask = 255.255.255.192
> Cache-size = 800
> Session-db = ${raddbdir}/db.ippool
> Ip-index = ${raddbdir}/db.ip-index
> }
>
> 2. In users file I have added following:
>
> Privilegeuser Auth-Type :=local, passwoed =="xxxxx"
> Framed-IP-Address = x.x.x.195
> Framed-IP-netmask = 255.255.255.255
> Fall-through = yes
>
> Normaluser Auth-Type :=local, passwoed
> =="yyyyy"
> Service-type = framed
> Framed-protocol = PPP
> Session-timeout =1800
>
>
>
> The whole idea is that mormaluser should get IP starting from x.x.x.215 till
> x.x.x.254 only and after that which ever is unused in range from 215 - 254.
> In my existing RADIUS server for normal users I have configured
> Framed-IP-Address = x.x.x.215+ and user may get IP beyond our subnet.
>
> Seeing the configuration, please confirm following:
>
>
>
> 1 Will this work OK
> 2. The normaluser will get IP from range x.x.x.215 - x.x.x.254
>
> Thanks
>
> Rakesh Jha
> Kuwait
>
> -----------------------------------------------------------------------
> Disclaimer:
> Any non official business related views, opinions or other information
> presented in this electronic mail are solely those of the sender/author.
> Burgan Bank does not endorse or accept responsibility for these opinions,
> views or conclusion.
> If you are not the addressee indicated in this electronic mail or
> responsible for delivering this electronic message to the intended
> recipient, you should delete this message and notify the sender
> immediately.
>
> Burgan Bank
> ------------------------------------------------------------------------
>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
