[email protected] a écrit :
thanks for your return. I have added:
$RAD_REPLY{'Framed-IP-Address'} = "10.218.6.1";
return RLM_MODULE_OK;
but no change, he use the pool included into the cisco ASA (10.218.4.5)
a error of me ?
Do a debug (radiusd -X) and see did the attribute make it into the
Access-Accept packet. If it is sent to Cisco - the problem is on ASA. Do
debug aaa there and see why is it ignoring static IP address.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Ok, first this is the debug of Freeradius:
rad_recv: Access-Request packet from host 10.218.7.243:1025, id=50,
length=165
User-Name = "usertest"
User-Password = "XXX"
NAS-Port = 1011712
Service-Type = Framed-User
Framed-Protocol = PPP
Called-Station-Id = "62.XX.XX.XX"
Calling-Station-Id = "88.XX.XX.XX"
NAS-Port-Type = Virtual
Tunnel-Client-Endpoint:0 = "88.XX.XX.XX"
NAS-IP-Address = 10.218.7.243
Cisco-AVPair = "ip:source-ip=88.166.47.158y\223"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
modcall[authorize]: module "preprocess" returns ok for request 1
modcall[authorize]: module "chap" returns noop for request 1
modcall[authorize]: module "mschap" returns noop for request 1
rlm_realm: No '@' in User-Name = "usertest", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 1
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 1
users: Matched entry DEFAULT at line 154
users: Matched entry DEFAULT at line 173
users: Matched entry DEFAULT at line 185
modcall[authorize]: module "files" returns ok for request 1
Using perl at 0x8146460
rlm_perl: Added pair Framed-Protocol = PPP
rlm_perl: Added pair Service-Type = Framed-User
rlm_perl: Added pair Framed-IP-Address = 10.218.4.120
rlm_perl: Added pair Framed-IP-Netmask = 255.255.255.0
rlm_perl: Added pair Framed-Compression = Van-Jacobson-TCP-IP
rlm_perl: Added pair Framed-MTU = 576
rlm_perl: Added pair Framed-Protocol = PPP
rlm_perl: Added pair Service-Type = Framed-User
rlm_perl: Added pair Auth-Type = Perl
modcall[authorize]: module "perl" returns ok for request 1
modcall: leaving group authorize (returns ok) for request 1
rad_check_password: Found Auth-Type Perl
auth: type "Perl"
Processing the authenticate section of radiusd.conf
modcall: entering group Perl for request 1
Using perl at 0x8146460
rlm_perl: Added pair Framed-Protocol = PPP
rlm_perl: Added pair h323-credit-amount = 100
rlm_perl: Added pair Service-Type = Framed-User
rlm_perl: Added pair Framed-IP-Address = 255.255.255.254
rlm_perl: Added pair Framed-IP-Netmask = 255.255.255.0
rlm_perl: Added pair Framed-Compression = Van-Jacobson-TCP-IP
rlm_perl: Added pair Framed-MTU = 576
rlm_perl: Added pair Framed-Protocol = PPP
rlm_perl: Added pair Service-Type = Framed-User
rlm_perl: Added pair Auth-Type = Perl
modcall[authenticate]: module "perl" returns ok for request 1
modcall: leaving group Perl (returns ok) for request 1
Login OK: [usertest/XX] (from client 10.218.7.243 port 1011712 cli
88.xx.xx.xx)
Sending Access-Accept of id 50 to 10.218.7.243 port 1025
Framed-IP-Address = 255.255.255.254
Framed-MTU = 576
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-Compression = Van-Jacobson-TCP-IP
Framed-IP-Netmask = 255.255.255.0
h323-credit-amount = "100"
Finished request 1
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 1 ID 50 with timestamp 497f20c3
Nothing to do. Sleeping until we see a request.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
