On Jun 16, 2005, at 2:15 PM, Alan DeKok wrote:
Mike Partyka <[EMAIL PROTECTED]> wrote:..
Please don't CC me. I already get enough mail.
Sorry i think i just replied then just before sending thought i CC
the list. i won't do that again.
The modem dials out to the Cisco modem bank, the modem bank (i am
guessing here, as i am not this far) is configured to authenticate
against Radius. Radius is configured to talk to Mysql and uses a
query that checks the username/password, based on the exit status it
accepts or denies the connection request to the modem.
Yes... (barring the "exit status" confusion)
Maybe that was a bad way to describe it, but i really just mean
accept connection if the userame/password returns true deny if the
query returns false.
As i said my PPP knowledge is weak, but isn't what i described part
of the PAP/CHAP handshake process that Radius is configured to use?
No. Your model does PPP, as does the other end. You do PAP/CHAP
over PPP. The other end takes that PAP/CHAP, and puts it into RADIUS.
I see, thanks for the clarification.
*Your* end never sees the RADIUS packets, and never talks to the
MySQL server. You original post made it sound like that's what you
wanted to do.
Ahh, i see why you said it would never work, my initial post wasn't a
good description.
If you control the Cisco modem bank and the RADIUS server, then you
can configure the RADIUS server to send the "right" attributes back to
the Cisco bank.
It SHOULD do this by default. Also, consult the Cisco documentation
to see what attributes it needs to establish a PPP connection, and
then make FreeRADIUS send those attributes.
An excellent tip and not one i had considered, thanks again.
Regards,
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
