Arran Cudbard-Bell wrote: > [EMAIL PROTECTED] wrote: >> Hi, >> >> >>>>> Trying to use Client-Ip-Address is huntgroups and hints doesn't seem to >>>>> work, >>>>> if this because the Client-Ip-Address is written to the request packet >>>>> at the end of pre-process >>>>> and not the beginning ? Or is there more strangeness afoot ? >>>>> >> are you sure you want Client-IP-Address and not NAS-IP-Address ? >> >> utilizing the NAS-IP-Address allows you to define authorization etc >> based on the access point that the user has connected via. >> >> alan >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/users.html >> > NAS's can lie :) > . > > I'm still trying to do this without perl....and this is the last thing ! > The very last thing I need to make it all work. > > nas_hints > #/* Authentication Mediums */ > # '802.1', # 802.1 (Wired LAN) > # '802.11', # 802.11 (Wireless LAN) > # 'IPSEC', # IPSEC (VPN) > # 'SSH', # Secure Shell/Nas Prompt Login > # 'HTTPS', # Captive Portal/Nas Web Interface > # 'PROXY', # Client Isn't a NAS it's an offsite Proxy > # 'unused', # For future use > # 'unused', # For future use > #/* Extended Features */ > # 'RADACCT',# NAS Can do RADIUS Accounting > # 'D802.Q', # NAS Can do Dynamic Vlan Assignment > # 'MULTIBESSID'); # NAS Can have multiple SSIDs / BSSIDs > > ############################################################# > # Debug entry for home testing. > DEFAULT Packet-Src-IP-Address = '81.6.252.244' > NAS-Feature-Set = '00000100000' > > ############################################################# > # Set the 'PROXY' flag in the feature set for the JRS proxies > DEFAULT Packet-Src-IP-Address == roaming0.ja.net > NAS-Feature-Set = '00000100000' > > DEFAULT Packet-Src-IP-Address == roaming1.ja.net > NAS-Feature-Set = '00000100000' > > DEFAULT Packet-Src-IP-Address == roaming2.ja.net > NAS-Feature-Set = '00000100000' > > ############################################################# > # Retrieve the feature set for all none recognised clients > # from the NetReg3 Database > DEFAULT NAS-Feature-Set =* ANY > NAS-Feature-Set = "%{sql_clients:SELECT > EXPORT_SET(master.nas_flags,'1','0','',20) FROM `master` WHERE > CONCAT(ip1,'.',ip2,'.',ip3,'.',ip4) = '%{Packet-Src-IP-Address}'}" > > Need to be able to set static NAS profiles for the few weird clients > that can't be included in the NetReg clients database. > > *sigh* > > Don't suppose you know how to match multiple values in a request > attribute without regexp ? as in could be a,b or c ? > Always assumed you couldn't , but may as well ask :) > > Thanks, > Arran > > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hmm ignore the last message, the issue is that now Packet-Src-Ip-Address Always matches ! Everywhere..... Which exaplains the weirdness in hints and huntgroups. -- Arran Cudbard-Bell ([EMAIL PROTECTED]) Authentication Authorisation & Accounting Officer Infrastructure Services | ENG1 FF08 EXT:3900 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
