[EMAIL PROTECTED] wrote:
> Hi!
> User1 should authenticate by the Radius-Server.
> User1 Network is (10.20.30.0/24)
> My Network is (192.168.202.0/24)
>
> user1 authenticate succesfully, but he has no access to my network! (with
> Framed-IP-Address "192.168.202.50")
> then i use Framed-IP-Address "10.20.30.50" then the user authenticate
> successfully and he has access to my network!
>
> Why?
> I think, that I must give user1 an IP-Address from my Network
I think that you have next configuration
You network ---------- NAS Server ------- User's connection
192.168.202/0 192.168.202.X Z.Z.Z.Z Y.Y.Y.Y
So, when you set to user ip 10.20.30.50, then all ok (it's ok if in you
network NAS server set as default router)
So computer from you network send packet to 10.20.30.50 via default
router, and router KNOW where address 10.20.30.50 is.
But, when you set 192.168.202.50 to user, then situation might be next:
Comp from you network try to send packet to user see, that users address
is in same network and try to deliver it directly, but it cann't,
because user is behind NAS server.
i have this settings:
My Network: 192.168.202.0/24
RadiusServer: 192.168.202.58/24 Route: 192.168.202.0/24
Gateway:192.168.202.59
Router: 192.168.202.59/24 Route: 192.168.202.0/24
Gateway:192.168.202.59
User1Network: 10.20.30.0/24
User1 get IP-Address "192.168.202.50"!
Radiusd in Debug mode says "sending access-accept"
but no ping and no telnet works
for this network (192.168.202.0/24) the Router is the default Router.
But it don�t work.......
help.....
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
