Alan Miller <[EMAIL PROTECTED]> wrote:
> We are an ISP in Northern Ontario.
Mmmm... rock and trees and trees and rocks and rocks and trees...
> The problem is that our Unlimited customers are having issues with
> it because Radius thinks they are authenticating twice (which they
> are) and rejects the request from their High Speed Dial-up client.
It's a little difficult in the current server design.
What you want is:
a) a dial-up pool, where the user can log in once
b) a high-speed pool, where the user can log in once
c) the two pools to be independent.
You can set "Simultaneous-Use = 1" for the user always, and then run
two session types:
> The High-Speed Dial-up clients authenticate from 2 seperate NAS servers so
> we can easily distinguish them from our normal dialup client NAS's.
There you are. You can distinguish the two requests.
#---
DEFAULT Simultaneous-Use := 1
Fall-Through = Yes
DEFAULT Client-IP-Address == 1.2.3.4, Session-Type := dialup
DEFAULT Client-IP-Address == 5.6.7.8, Session-Type := highspeed
#---
And in radiusd.conf, copy the "radutmp" configuration to two new
ones::
radutmp dialup {
.... create new dial-up-specific radutmp file
}
radutmp highspeed {
.... create new high-speed-specific radutmp file
}
And list "dialup" and "highspeed" in "accounting", just after "radutmp".
Then, in the session{} section, do:
session {
...
Session-Type highspeed {
highspeed
}
Session-Type dialup {
dialup
}
...
}
That should work.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
