Hi all!
I've been having problems using cisco-avpair reply attributes in my
radiator config. I've read all the notes, searched the archives but
still can't get the bloody thing to work.
This is my current config:
<AuthBy FILE>
Identifier AuthUsersFilter
Filename %D/users
AddToReplyIfNotExist Service-Type=Framed-User, \
Framed-Protocol=PPP, \
Framed-IP-Address=255.255.255.254, \
Framed-IP-Netmask=255.255.255.255, \
Framed-Routing=None, \
Framed-Compression=Van-Jacobsen-TCP-IP,
\
Framed-MTU=1500
AddToReply \
cisco-avpair = "ip:inacl#5=permit ip any 213.191.128.0
0.0.0.255", \
cisco-avpair = "ip:inacl#99=deny ip any any"
</AuthBy>
This returns only the first cisco-avpair attribute, the second one gets
lost. I've also tried to add this cisco-avpair attributes to my users
file and still the same.
The reply I get from radpwtest is:
Code: Access-Accept
Identifier: 147
Authentic: $?i@<143><175><214><221><178>x<205><3>9<247>$<166>
Attributes:
cisco-avpair = "ip:inacl#5=permit ip any 213.191.128.0 0.0.0.255"
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-IP-Address = 255.255.255.254
Framed-IP-Netmask = 255.255.255.255
Framed-Routing = None
Framed-Compression = Van-Jacobson-TCP-IP
Framed-MTU = 1500
As you can see, the second attribute did not get to my client (or is it
stripped by radpwtst?).
Has anyone used cisco ACLs with Radiator? How could this be fixed? Is
there any way to get Radiator to send both attributes regardles of the
fact that they have the same name?
Thanks!
--
Igor Briski <[EMAIL PROTECTED]>
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
