> Hi everybody,
> 
> We are deploying a GPRS Edge architecture with one 
> router in a DMZ area with 4 permanent IPSEC tunnels through 
> our operator.
> 
> When the user is connecting, he should authenticate on the 
> Freeradius server.
> 
> But the Radius has to provide an IP in a different subnet
> depending on which NAS (a GGSN) has emitted the request for the client.
> 
> E.g.:
> If the Auth request comes from GGSN-A, IP address should be in
> 192.168.200.0/24
> If the Auth request comes from GGSN-B, IP address should be in
> 192.168.201.0/24
> 
> And, if the IP address could be statically provided depending
> on the username, that would be very cool.
> 
> E.g.:
> If the Auth request comes from GGSN-A for user Joe, IP
> address should be 192.168.200.X (X is Joe's one)
> If the Auth request comes from GGSN-A for user Joe, IP
> address should be 192.168.201.Y (Y is Toto's one)
>
> So, is it possible?
> Can you explain to me how I can do it, or do you have a link to
> something that can help me?
> 
> Thank you in advance,
> Ben.

Ben,

I think you can do the following:

You can always receive the IP address of the NAS in the NAS-IP-Address
attribute. You can (because I've done it) build a stored procedure on
your SQL engine and do some if-else structure where you validate your IP
address. If your NAS-IP-Address attribute is IP-A, you return an IP address
in 192.168.201.0/24. If IP-B, then 192.168.200.0/24.

It is easy, believe me. Of course you need to know how to build a
stored procedure ... but it is a piece of cake.

For example, in my mssql.conf I have:

authorize_check_query = "rad_authorize_check_query '%{Stripped-User-Name:-%{User-Name}}'"

rad_authorize_check_query is a stored procedure. I only provide the
username, but inside the stored procedure I make lots of checks ... do
you follow me?

Hope it helps!

Regards,

Lucas
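
A sketch of the stored-procedure approach described in the reply above, added here as an example; it is not Lucas's procedure or FreeRADIUS project code. The table names, the procedure name rad_authorize_reply_query, the NAS addresses 10.0.0.1 / 10.0.0.2 and the host octets are constructed, and the subnet mapping follows the original question.

```sql
-- Hypothetical schema: all names, NAS addresses and host octets are constructed.
CREATE TABLE nas_subnet (
    nas_ip VARCHAR(15) NOT NULL PRIMARY KEY,  -- NAS-IP-Address sent by the GGSN
    prefix VARCHAR(12) NOT NULL               -- first three octets, e.g. '192.168.200.'
);
CREATE TABLE user_host (
    username   VARCHAR(64) NOT NULL,
    nas_ip     VARCHAR(15) NOT NULL REFERENCES nas_subnet (nas_ip),
    host_octet TINYINT     NOT NULL CHECK (host_octet BETWEEN 1 AND 254),
    PRIMARY KEY (username, nas_ip),
    UNIQUE (nas_ip, host_octet)               -- no two users share an address
);
GO
INSERT INTO nas_subnet VALUES ('10.0.0.1', '192.168.200.');  -- GGSN-A (constructed IP)
INSERT INTO nas_subnet VALUES ('10.0.0.2', '192.168.201.');  -- GGSN-B (constructed IP)
INSERT INTO user_host VALUES ('joe', '10.0.0.1', 10);
INSERT INTO user_host VALUES ('joe', '10.0.0.2', 10);
GO
CREATE PROCEDURE rad_authorize_reply_query
    @username VARCHAR(64),
    @nas_ip   VARCHAR(15)
AS
BEGIN
    SET NOCOUNT ON;
    -- Column order matches what rlm_sql reads: id, UserName, Attribute, Value, op.
    -- Values arrive as parameters and are only compared, never concatenated into SQL.
    -- An unknown NAS or user matches no row, so no static address is returned.
    SELECT 1                   AS id,
           u.username          AS UserName,
           'Framed-IP-Address' AS Attribute,
           n.prefix + CAST(u.host_octet AS VARCHAR(3)) AS Value,
           ':='                AS op
    FROM user_host AS u
    JOIN nas_subnet AS n ON n.nas_ip = u.nas_ip
    WHERE u.username = @username
      AND u.nas_ip   = @nas_ip;
END
GO
-- Assumed wiring in mssql.conf, following the form of the check query above:
-- authorize_reply_query = "rad_authorize_reply_query '%{Stripped-User-Name:-%{User-Name}}', '%{NAS-IP-Address}'"
-- Manual check: EXEC rad_authorize_reply_query 'joe', '10.0.0.2';
```

NAS-IP-Address is a value the NAS places in the request, so the mapping is only as trustworthy as the set of NAS clients and shared secrets configured on the server.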
