--- Forwarded mail from [EMAIL PROTECTED]
Date: Sat, 17 Jun 2000 09:40:13 +1000 (EST)
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: BOUNCE [EMAIL PROTECTED]: Non-member submission from [Simon
Hackett <[EMAIL PROTECTED]>]
>From mikem Sat Jun 17 09:40:09 2000
Received: by oscar.open.com.au (8.9.0/8.9.0) id JAA04584
for [EMAIL PROTECTED]; Sat, 17 Jun 2000 09:40:09 +1000 (EST)
>Received: from hamish.internode.com.au (hamish.internode.com.au
[192.83.231.113]) by perki.connect.com.au with ESMTP id JAA28862
(8.8.8/IDA-1.7 for <[EMAIL PROTECTED]>); Sat, 17 Jun 2000 09:27:15 +1000
(EST)
Received: from hamish.internode.com.au (hamish.internode.com.au
[192.83.231.113]) by perki.connect.com.au with ESMTP id JAA28862
(8.8.8/IDA-1.7 for <[EMAIL PROTECTED]>); Sat, 17 Jun 2000 09:27:15 +1000
(EST)
Received: (from simon@localhost)
by hamish.internode.com.au (8.9.2/8.9.2) id IAA87843;
Sat, 17 Jun 2000 08:57:11 +0930 (CST)
(envelope-from simon)
From: Simon Hackett <[EMAIL PROTECTED]>
Message-Id: <[EMAIL PROTECTED]>
Subject: Re: (RADIATOR) Setting up a Dynamic Pool
In-Reply-To: <[EMAIL PROTECTED]> from
Todd Knaus at "Jun 16, 2000 12:27:59 pm"
To: [EMAIL PROTECTED] (Todd Knaus)
Date: Sat, 17 Jun 2000 08:57:11 +0930 (CST)
Cc: [EMAIL PROTECTED] (Radiator)
X-Mailer: ELM [version 2.4ME+ PL54 (25)]
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=US-ASCII
>
> In the past we had the actuall server (a livingston Portmaster) do the
> assignment. However, we have purchased a new CISCO AS5300 and evidently
> the 5300 cannot do this. Well, actaully I guess it can however, if we
> set it up using a dynamic Pool then our Static customer have problems.
> So we are being told that either you have Radius do everything or you
> have the CISCO do everything.....but you can't have the CISCO hand out
> dynamic and Radius hand out static.
>
You've been misinformed. You can do what you want with Cisco IOS, and we
and have done just that for quite some time.
Go dig around in the CCO documentation a bit more, or
get yourself 'told' what is possible by someone with more experience with
Cisco IOS than the person you've been listening to so far.
Essentially, just define a local pool on the cisco and if the radius response
doesn't specify an explicit ip address, the cisco will default back to using
its local pool. There really isn't much of a problem to solve here.
For the ultimate in configurability, you can even use cisco avpairs to
download an ip address pool definition to the 5x00 from the radius
server (we don't do this - don't really see the point at our existing
size)
http://www.cisco.com/univercd/cc/td/doc/product/software/ios112/peruser.htm
Anyway:
An example of the cisco side config lines that are relevant is:
ip address-pool local
then define a local pool, e.g.:
ip local pool default <start-ip> <end-ip>
on each async (or group-async) interface that's relevant, or
sync interface if you also want to work this way for isdn calls,
you use the command
peer default ip address pool default
Which tells IOS to use the pool called 'default' to assign the ip
address if the radius response doesn't provide an IP address. However,
if it does, then this is respected in preference to using the local
pool to assign one.
And you're done!
Simon
---End of forwarded mail from [EMAIL PROTECTED]
--
Mike McCauley [EMAIL PROTECTED]
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc
on Unix, Win95/8, 2000, NT, MacOS X
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
