Hello:

A user which is authenticated via freeradius is wanting a dedicated subnet. From what I've read I need the following things

1) Setup a pool in radiusd.conf like so..

ippool ippool {
name = ippool
session-db = /etc/raddb/ippool-sess-db
ip-index = /etc/raddb/ippool-idx-db
range-start = 192.168.0.2
range-stop = 192.168.0.3
netmask = 255.255.255.252
cache-size = 1000
}

2) Setup a post-authentication section to give said user access to that pool

post-auth {
# Get an address from the IP Pool.
ippool
}

3) recompile freeradius w/ the '--with-experimental-modules' compile time option. This will add support for the rlm_ippool module.

4) setup a special case in the users file

test User-Password == "blah"
User-Service = Framed-User,
Framed-Protocol = PPP,
Pool-Name = ippool,
Ascend-Maximum-Channels = 2


After that the user, in this case test, should be able to be authenticated twice, each time he will be assigned a ip within the /30 range(really only 2 usable ips).

Basically I'm asking if the above 4 steps and syntax are correct?

Now, my boss has mentioned that all of this can be accomplished very easy on the ascend box itself as opposed to making changes in freeradius.

Can anyone speak to either method?

--
Rock River Internet Roger Grunkemeyer
202 W. State St, 8th Floor [EMAIL PROTECTED]
Rockford, IL 61101 815-968-9888




- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to