Hello Simon -
Per the email below, would you mind sharing your aaa information with me ?
I have been working on this for the past several days and I can get the IP
Pool working, but not static customers.
Actually what happens is, if a dynamic customers dials in they connect and
receive an address from the IP Pool. However, when a static customer
connects they also receive a dynamic ip address from the pool ???
We are using Radiator Radius, authenticating off our SQL Platypus database.
I turned on Debug/Trace 4 to see what was happening and according to
Radiator, static customers are in fact being assigned their static IP
address but the CISCO for some reason doesn't care and hands them an IP
address from the pool.
If I run Winipcfg from within windows I see that in fact I did receive a
dynamic address from the pool.
I have tried using the line;
aaa authorization network default group radius
but when I enter that line neither static nor dynamic customers can connect.
Thanks for any additional help, hints, tips, pointers, etc.
Todd Knaus
President
CISNet, Inc.
----- Original Message -----
From: "Mike McCauley" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, June 19, 2000 11:17 AM
Subject: Re: (RADIATOR) Setting up a Dynamic Pool
> >
> > In the past we had the actuall server (a livingston Portmaster) do the
> > assignment. However, we have purchased a new CISCO AS5300 and evidently
> > the 5300 cannot do this. Well, actaully I guess it can however, if we
> > set it up using a dynamic Pool then our Static customer have problems.
> > So we are being told that either you have Radius do everything or you
> > have the CISCO do everything.....but you can't have the CISCO hand out
> > dynamic and Radius hand out static.
> >
>
> You've been misinformed. You can do what you want with Cisco IOS, and we
> and have done just that for quite some time.
>
> Go dig around in the CCO documentation a bit more, or
> get yourself 'told' what is possible by someone with more experience with
> Cisco IOS than the person you've been listening to so far.
>
> Essentially, just define a local pool on the cisco and if the radius
response
> doesn't specify an explicit ip address, the cisco will default back to
using
> its local pool. There really isn't much of a problem to solve here.
>
> For the ultimate in configurability, you can even use cisco avpairs to
> download an ip address pool definition to the 5x00 from the radius
> server (we don't do this - don't really see the point at our existing
> size)
>
>
http://www.cisco.com/univercd/cc/td/doc/product/software/ios112/peruser.htm
>
> Anyway:
>
> An example of the cisco side config lines that are relevant is:
>
> ip address-pool local
>
> then define a local pool, e.g.:
>
> ip local pool default <start-ip> <end-ip>
>
> on each async (or group-async) interface that's relevant, or
> sync interface if you also want to work this way for isdn calls,
> you use the command
>
> peer default ip address pool default
>
> Which tells IOS to use the pool called 'default' to assign the ip
> address if the radius response doesn't provide an IP address. However,
> if it does, then this is respected in preference to using the local
> pool to assign one.
>
> And you're done!
>
> Simon
---End of forwarded mail from "Todd Knaus" <[EMAIL PROTECTED]>
--
Mike McCauley [EMAIL PROTECTED]
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X
-------------------------------------------------------
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
