|
Hello Hugh
How can I config radiator to allocate
fixed IP address for some radius user which in Radmin
Database (e.g. user@test3 will get IP
203.141.21.2)
Thanks,
Chairath
P.S. Our system is running Radiator
2.18.2 and Radmin1.4
Foreground
LogStdout LogDir d:/Radiator-2.18/log DbDir d:/Radiator-2.18 LogFile %L/logfile-%d-%m-%Y # Dont turn this up too high, since
all log messages are logged
# to the RADMESSAGES table in the database. 3 will give you everything # except debugging messages Trace 4 # PreClientHook to add NAS-Port attribute PreClientHook file:"%D/addNASPort" # You will probably want to change this to suit your site.
# You should list all the clients you have, and their secrets # If you are using the Radmin Clients table, you wil probably # want to disable this. #<Client DEFAULT> # Secret mysecret # DupInterval 0 #</Client> # You can put additonal (or all) client details in your Radmin
# database table # and get their details from there with something like this: # You can then use the Radmin 'Add Radius Client' to add new clients. <ClientListSQL> DBSource dbi:ODBC:Radmin DBUsername xxx DBAuth xxx
</ClientListSQL> #<AuthBy RADIUS>
# Identifier ProxyTofunk # Host 10.2.0.6 # Secret test #</AuthBy> #<Realm funk>
# strip Realm # RewriteUsername s/^([^@]+).*/$1/ # AuthBy ProxyTofunk #</Realm> <AuthBy RADMIN>
Identifier RADMINAUTH # Change DBSource, DBUsername, DBAuth for your database # See the reference manual. You will also have to # change the one in <SessionDatabse SQL> below # so its the same DBSource dbi:ODBC:Radmin DBUsername xxx DBAuth xxx DateFormat %e %m %Y %T AuthSelect select PASS_WORD,STATICADDRESS,TIMELEFT,MAXLOGINS from RADUSERS where USERNAME='%n' and BADLOGINS < 8 and VALIDFROM < %t and VALIDTO > %t # You can add to or change these if you want, but you # will probably want to change the database schema first AccountingTable RADUSAGE AcctColumnDef USERNAME,User-Name AcctColumnDef TIME_STAMP,Timestamp,integer AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type,integer AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer AcctColumnDef ACCTSESSIONID,Acct-Session-Id AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address AcctColumnDef NASIDENTIFIER,NAS-Identifier AcctColumnDef NASIDENTIFIER,NAS-IP-Address AcctColumnDef NASPORT,NAS-Port,integer AcctColumnDef DNIS,Called-Station-Id AcctColumnDef DATE,Timestamp,integer-date # This updates the time and octets left # for this user AcctSQLStatement update RADUSERS set TIMELEFT=TIMELEFT-0%{Acct-Session-Time}, OCTETSINLEFT=OCTETSINLEFT-0%{Acct-Input-Octets}, OCTETSOUTLEFT=OCTETSOUTLEFT-0%{Acct-Output-Octets} where USERNAME='%n' </AuthBy>
<AddressAllocator SQL>
# This name allows us to refer to it from inside # an AuthBy DYNADDRESS Identifier myallocator DBSource dbi:ODBC:Radmin DBUsername xxx DBAuth xxx # If SessionTimeout is set by a previous AuthBy
# then that is used as the expiry time. Otherwise # DefaultLeasePeriod (in seconds) is used. # Defaults to 1 day #DefaultLeasePeriod 86400 # How often we check the database for expired leases
# leases can expire if an acounting stop is lost # or if the session goes longer than the lease # we originally asked for. Defaults to 1 day. #LeaseReclaimInterval 86400 <AddressPool pool1> Subnetmask 255.255.255.248 Range 203.147.46.1 203.147.46.6 #Range 192.1.1.60 192.1.1.120 #Range 192.1.2.0/31 </AddressPool> <AddressPool pool2> Subnetmask 255.255.255.240 Range 203.148.241.241 203.148.241.254 </AddressPool> </AddressAllocator> <AuthBy DYNADDRESS>
Identifier AllocateIPAddress Allocator myallocator StripFromReply PoolHint </AuthBy> <AuthBy GROUP>
Identifier WithIdleTimeout AuthBy RADMINAUTH # These are the classic things to add to each users # reply to allow a PPP dialup session. It may be # different for your NAS. This will add some # reply items to everyone's reply AddToReply Framed-Protocol = PPP,\ Service-Type = Framed-User,\ Framed-IP-Netmask = 255.255.255.255,\ Framed-Routing = None,\ Framed-MTU = 1500,\ Framed-Compression = Van-Jacobson-TCP-IP,\ Idle-Timeout = 7200,\ Class = %{NAS-Port} </AuthBy> <AuthBy GROUP>
Identifier WithOutIdleTimeout AuthBy RADMINAUTH # These are the classic things to add to each users # reply to allow a PPP dialup session. It may be # different for your NAS. This will add some # reply items to everyone's reply AddToReply Framed-Protocol = PPP,\ Service-Type = Framed-User,\ Framed-IP-Netmask = 255.255.255.255,\ Framed-Routing = None,\ Framed-MTU = 1500,\ Framed-Compression = Van-Jacobson-TCP-IP,\ Class = %{NAS-Port} </AuthBy> <AuthBy GROUP>
Identifier SelectPool1 AuthBy RADMINAUTH # These are the classic things to add to each users # reply to allow a PPP dialup session. It may be # different for your NAS. This will add some # reply items to everyone's reply AddToReply PoolHint = pool1,\ Ascend-IP-Direct = 10.10.0.11,\ Framed-IP-Netmask = 255.255.255.255,\ Framed-Protocol = PPP,\ Service-Type = Framed-User,\ Framed-Routing = None,\ Framed-MTU = 1500,\ Framed-Compression = Van-Jacobson-TCP-IP,\ Idle-Timeout = 7200,\ Class = %{NAS-Port} </AuthBy> <AuthBy GROUP> Identifier SelectPool2 AuthBy RADMINAUTH # These are the classic things to add to each users # reply to allow a PPP dialup session. It may be # different for your NAS. This will add some # reply items to everyone's reply AddToReply PoolHint = pool2,\ Ascend-IP-Direct = 10.10.0.10,\ Framed-IP-Netmask = 255.255.255.255,\ Framed-Protocol = PPP,\ Service-Type = Framed-User,\ Framed-Routing = None,\ Framed-MTU = 1500,\ Framed-Compression = Van-Jacobson-TCP-IP,\ Idle-Timeout = 7200,\ Class = %{NAS-Port} </AuthBy> <AuthBy FILE>
Identifier TimeZone Filename %D/adsl.users </AuthBy> # Handler for accounting and address de-allocation
<Handler Request-Type=Accounting-Request, Realm =
test1>
AuthByPolicy ContinueAlways AuthBy RADMINAUTH AuthBy AllocateIPAddress </Handler> <Handler Request-Type=Accounting-Request, Realm =
test2> AuthByPolicy ContinueAlways AuthBy RADMINAUTH AuthBy AllocateIPAddress </Handler> <Handler Request-Type=Accounting-Request>
AuthBy RADMINAUTH </Handler> <Handler Realm=hz.qnet>
AuthBy TimeZone </Handler> <Handler Realm=test1>
AuthByPolicy ContinueWhileAccept AuthBy SelectPool1 AuthBy AllocateIPAddress </Handler> <Handler Realm=test2>
AuthByPolicy ContinueWhileAccept AuthBy SelectPool2 AuthBy AllocateIPAddress </Handler> <Handler>
AuthBy WithIdleTimeout </Handler> |
- (RADIATOR) Re: fixed ip for some user Chairath K
- (RADIATOR) Re: fixed ip for some user Hugh Irvine
