Roger wrote:
Hello:
A user which is authenticated via freeradius is wanting a dedicated subnet. From what I've read I need the following things
1) Setup a pool in radiusd.conf like so..
ippool ippool {
name = ippool
session-db = /etc/raddb/ippool-sess-db
ip-index = /etc/raddb/ippool-idx-db
range-start = 192.168.0.2
range-stop = 192.168.0.3
netmask = 255.255.255.252
cache-size = 1000
}
2) Setup a post-authentication section to give said user access to that pool
post-auth {
# Get an address from the IP Pool.
ippool
}
3) recompile freeradius w/ the '--with-experimental-modules' compile time option. This will add support for the rlm_ippool module.
4) setup a special case in the users file
test User-Password == "blah"
User-Service = Framed-User,
Framed-Protocol = PPP,
Pool-Name = ippool,
Ascend-Maximum-Channels = 2
After that the user, in this case test, should be able to be authenticated twice, each time he will be assigned a ip within the /30 range(really only 2 usable ips).
Basically I'm asking if the above 4 steps and syntax are correct?
Now, my boss has mentioned that all of this can be accomplished very easy on the ascend box itself as opposed to making changes in freeradius.
Can anyone speak to either method?
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
