You need an address in the RAS to act as a gateway...
You can configure any pool in whatever RAS but for example if the RAS is
a cisco you will need to do something like:
interface eth0 ip add xxx.xxx.xxx.1 secondary
interface eth0 ip add yyy.yyy.yyy.1 secondary
..
...
....
and now you can assign address within the blocks xxx.xxx.xxx.xxx and
yyy.yyy.yyy.yyy
The thing is you need to RAS as gateway for the dialin users
On Wed, 2003-10-29 at 20:14, Alexander Lunyov wrote:
> Hello Gustavo,
>
> Wednesday, October 29, 2003, 8:42:51 AM, you wrote:
>
>
>
> GAL> Sure you can.
> GAL> But if you do that you cant get routed to any place.
>
> GAL> You need a gateway address within the same logical network.
>
> What do you mean? NAS in the same logical network or radius server in the
> same logical network?
>
> For example, i want this ippool working with NAS.
>
> ippool main_pool {
> range-start = 192.168.253.1
> range-stop = 192.168.253.254
> netmask = 255.255.0.0
> cache-size = 800
> session-db = ${raddbdir}/db.ippool
> ip-index = ${raddbdir}/db.ipindex
> override = no
> }
>
> NAS is a FreeBSD box with 3 multiport cards and 2 network
> interfaces. First iface is 192.168.33.127/24, second is
> x.x.x.2/24 ('white' network). So when authentification of ppp session is done
> and
> it's time to receive IP address for this session, radiusd cannot
> find range for this NAS. It says
>
> rad_recv: Access-Request packet from host x.x.x.2:2740, id=239, length=105
> Thread 1 assigned request 0
> --- Walking the entire request list ---
> Threads: total/active/spare threads = 5/1/4
> Waking up in 5 seconds...
> Thread 1 handling request 0, (1 handled so far)
> User-Name = "lan"
> Service-Type = Framed-User
> Framed-Protocol = PPP
> CHAP-Password = 0x0176a7169a89a0a8s8aa34a03e630f1ead
> CHAP-Challenge = 0x38328232349865433746313036313635
> NAS-Identifier = "zeus.domain.ru"
> NAS-Port-Type = Ethernet
> NAS-Port = 61
>
> [authentification and other skip]
>
> rlm_ippool: Searching for an entry for nas/port: zeus.domain.ru/61
> modcall[post-auth]: module "main_pool" returns noop for request 0
> modcall: group post-auth returns noop for request 0
> Sending Access-Accept of id 239 to x.x.x.2:2740
> Framed-Compression = Van-Jacobson-TCP-IP
> Idle-Timeout = 10
> Framed-MTU = 576
> Framed-IP-Address = 255.255.255.254
> Framed-Protocol = PPP
> Service-Type = Framed-User
> Finished request 0
>
> What should i do? Is there any 'magic word'? :)
>
>
>
> GAL> On Wed, 2003-10-29 at 19:29, Alexander Lunyov wrote:
> >> Hello freeradius-users,
> >>
> >> Is there a possibility to pool range of IP addresses for NAS
> >> while NAS is not in that range? For example, if i try to pool
> >> 192.168.253.0/24 network for NAS with address 192.168.3.3 - it
> >> says that nas/port not found for that NAS address (192.168.3.3).
> >> is it possible to assign to NAS client IP address not from NAS
> >> network?
>
>
> GAL> -
> GAL> List info/subscribe/unsubscribe? See
> GAL> http://www.freeradius.org/list/users.html
>
>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
