Hello Dean -
On Mon, 19 Jun 2000, Dean Brandt wrote:
> Hi Hugh,
>
> I am trying to Auth from a standard RADIUS users file and allocate
> those users an IP address from a nominated pool.
>
> Here is the whole cfg file:
>
> LogDir /var/log/radius
>
>
> # Set this to the database directory. It should contain these files:
> # users The user database
> # dictionary The dictionary for your NAS
> DbDir /etc/raddb/
>
> # This clause defines a single client to listen to
> <Client xxx.xxxx.xxx.xxx>
> Secret xxxxxxx
> NoDefault
> IgnoreAcctSignature
> </Client>
>
> # For testing: this allows us to honour requests from radpwtst
> # on the same host.
> <Client localhost>
> Secret xxxxxxxxx
> DupInterval 0
> </Client>
>
> <AddressAllocator SQL>
> Identifier xxx
>
> DBSource dbi:mysql:radius
> DBUsername xxx
> DBAuth xxxxxxx
>
> <AddressPool pool1>
> Subnetmask 255.255.255.0
> Range 203.44.90.130 203.44.90.134
> </AddressPool>
> </AddressAllocator>
>
> <Log SYSLOG>
> Facility radius
> Trace 4
> </Log>
>
> # This clause handles all users from all realms by looking them up
> # in the users file at /usr/local/etc/raddb/users
> <Realm DEFAULT>
> <AuthBy GROUP>
> AuthByPolicy ContinueWhileReject
>
> <AuthBy FILE>
> #The filename defaults to %D/users
> </AuthBy>
>
> <AuthBy UNIX>
> Filename /etc/shadow
> FramedGroup 0
> </AuthBy>
> </AuthBy>
> </AuthBy>
> # Log accounting to the detail file in LogDir
> AcctLogFileName %L/detail
> </Realm>
>
> <Realm xxx.xxx.xxx>
> RewriteUsername s/^([^@]+).*/$1/
> <AuthBy RADIUS>
> Host xxx.xxx.xxx.xxx
> Secret xxxxxxxx
> </AuthBy>
> AcctLogFileName %L/detail.xxx
>
> <AuthBy DYNADDRESS>
> Allocator xxx
> PoolHint %{Reply:PoolHint}
> StripFromReply PoolHint
> </AuthBy>
>
> </Realm>
As mentioned in my previous message, you appear to have your AuthBy FILE in one
Realm, and your AuthBy DYNADDRESS in a different Realm. If you want to
dynamically allocate addresses for the users in the users file, you would do
something like this:
# This clause handles all users from all realms by looking them up
# in the users file at /usr/local/etc/raddb/users
<Realm DEFAULT>
AuthByPolicy ContinueWhileAccept
<AuthBy FILE>
#The filename defaults to %D/users
</AuthBy>
<AuthBy DYNADDRESS>
Allocator xxx
PoolHint %{Reply:PoolHint}
StripFromReply PoolHint
</AuthBy>
# Log accounting to the detail file in LogDir
AcctLogFileName %L/detail
</Realm>
The above configuration will check the user in the users file and if accepted
will continue on to allocate an IP address.
hth
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
