Re: LDAP Profiles vs. No-profiles

2005-03-29 Thread Kostas Kalevras
On Mon, 28 Mar 2005, Jarred Cleem wrote:
I am setting up a test environment and I am having some problems.  Any help 
would be great.  I have the servers built very similarly to what is documented 
at 
http://www.freeradius.org/radiusd/doc/ldap_howto.txt.  I have created a few 
profiles like dialup, dsl, and isdn.  I have the server working in the test 
environment and it seems to function very well.  My question is how do I use 
profiles and still be able to pass specific attributes to the radius server 
that are dependent on the user.  For example, if the user has been assigned a 
static IP address.  Below is an example of the users file from the old 
Radius server that we are migrating off of.

default profile: An ldap entry holding radius attributes. Defined in the 
ldap module configuration and used in all cases.

regular profile: An ldap entry holding radius attributes. Defined in the user 
entry as an attribute pointing to the dn of that entry. Used when authorizing 
that specific user.

user profile: The attributes contained in the user entry. These attributes take 
precedence over the attributes defined in the above profiles. So in general you 
can use default/regular profiles to define default attributes used in most cases 
and then define any user-specific attributes inside each user's entry.

# Entry for Customer 1 dedicated dsl
Customer1 Auth-Type = Local, Password = xx
   Service-Type = Framed-User,
   Framed-Protocol = PPP,
   Framed-IP-Address = 192.168.1.69,
   Framed-IP-Netmask = 255.255.255.252,
   Framed-Routing = Broadcast-Listen,
   Framed-Filter-Id = std.ppp,
   Framed-MTU = 1500,
   Framed-Compression = Van-Jacobsen-TCP-IP
# Entry for customer 2 dedicated dsl
Customer2 Auth-Type = Local, Password = xxx
   Service-Type = Framed-User,
   Framed-Protocol = PPP,
   Framed-IP-Address = 192.168.1.65,
   Framed-IP-Netmask = 255.255.255.252,
   Framed-Routing = Broadcast-Listen,
   Framed-Filter-Id = std.ppp,
   Framed-MTU = 1500,
   Framed-Compression = Van-Jacobsen-TCP-IP
# Entry for customer 3 dedicated dsl
Customer3 Auth-Type = Local, Password = xx
   Service-Type = Framed-User,
   Framed-Protocol = PPP,
   Framed-IP-Address = 192.168.1.177,
   Framed-IP-Netmask = 255.255.255.248,
   Framed-Routing = Broadcast-Listen,
   Framed-Filter-Id = std.ppp,
   Framed-MTU = 1500,
   Framed-Compression = Van-Jacobsen-TCP-IP
DEFAULT Auth-Type = System
   Fall-Through = Yes
DEFAULT Service-Type = Framed-User
   Framed-IP-Address = 255.255.255.254,
   Framed-MTU = 576,
   Service-Type = Framed-User,
   Fall-Through = Yes
#
# Default for PPP: dynamic IP address, PPP mode, VJ-compression.
# NOTE: we do not use Hint = PPP, since PPP might also be auto-detected
#   by the terminal server in which case there may not be a P suffix.
#   The terminal server sends Framed-Protocol = PPP for auto PPP.
#
DEFAULT Framed-Protocol = PPP
   Framed-Protocol = PPP,
   Framed-Compression = Van-Jacobson-TCP-IP
#
# Default for CSLIP: dynamic IP address, SLIP mode, VJ-compression.
#
DEFAULT Hint = CSLIP
   Framed-Protocol = SLIP,
   Framed-Compression = Van-Jacobson-TCP-IP
#
# Default for SLIP: dynamic IP address, SLIP mode.
#
DEFAULT Hint = SLIP
   Framed-Protocol = SLIP
--
Jarred F. Cleem
IS Manager
Multiband
2000 44th Street SW
Fargo, ND 58103
(W) 701-281-5376 (F)701-492-5376
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
Kostas Kalevras Network Operations Center
[EMAIL PROTECTED]   National Technical University of Athens, Greece
Work Phone: +30 210 7721861
'Go back to the shadow' Gandalf
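
The layering described in the reply above, as an added sketch that is not part of the original post and is not FreeRADIUS code: it resolves one user's reply attributes and records which layer supplied each value. The DNs, the directory contents and the `resolve_reply` helper are constructed for illustration, the attribute values are borrowed from the users file in the thread, and applying the default profile before the regular profile is an assumption (the reply only states that the user entry wins).

```python
# Added illustration, not FreeRADIUS code. DNs and entries are constructed;
# attribute values come from the users file quoted in the thread.
DEFAULT_PROFILE = "cn=default,ou=profiles,dc=example,dc=com"  # assumed default_profile
PROFILE_ATTR = "radiusProfileDn"                              # assumed profile_attribute

# LDAP attribute -> RADIUS reply attribute (small subset, ldap.attrmap style)
ATTRMAP = {
    "radiusServiceType": "Service-Type",
    "radiusFramedProtocol": "Framed-Protocol",
    "radiusFramedIPAddress": "Framed-IP-Address",
    "radiusFramedIPNetmask": "Framed-IP-Netmask",
    "radiusFramedMTU": "Framed-MTU",
}

DSL = "cn=dsl,ou=profiles,dc=example,dc=com"
DIRECTORY = {
    DEFAULT_PROFILE: {"radiusServiceType": "Framed-User",
                      "radiusFramedIPAddress": "255.255.255.254"},
    DSL: {"radiusFramedProtocol": "PPP", "radiusFramedMTU": "1500",
          "radiusFramedIPNetmask": "255.255.255.252"},
    "uid=Customer3,ou=people,dc=example,dc=com": {
        PROFILE_ATTR: DSL,
        "radiusFramedIPAddress": "192.168.1.177",
        "radiusFramedIPNetmask": "255.255.255.248"},
    "uid=roaming,ou=people,dc=example,dc=com": {PROFILE_ATTR: DSL},
}

def resolve_reply(user_dn, directory=DIRECTORY):
    """Return {reply_attr: (value, layer)}; later layers replace earlier ones."""
    user = directory[user_dn]
    # Default-before-regular ordering is an assumption of this sketch.
    layers = [("default profile", directory.get(DEFAULT_PROFILE, {}))]
    profile_dn = user.get(PROFILE_ATTR)
    if profile_dn is not None:
        if profile_dn not in directory:   # dangling profile pointer: fail loudly
            raise LookupError(f"{user_dn}: {PROFILE_ATTR} -> missing {profile_dn}")
        layers.append(("regular profile", directory[profile_dn]))
    layers.append(("user entry", user))   # user entry wins, as the reply states
    reply = {}
    for layer, entry in layers:
        for ldap_attr, value in entry.items():
            if ldap_attr in ATTRMAP:
                reply[ATTRMAP[ldap_attr]] = (value, layer)
    return reply

if __name__ == "__main__":
    for dn in list(DIRECTORY)[2:]:
        print(dn)
        for attr, (value, layer) in sorted(resolve_reply(dn).items()):
            print(f"    {attr} = {value}    # from {layer}")
```

Customer3 keeps its static address and /29 netmask from its own entry while still inheriting the protocol and MTU from the dsl profile; the constructed "roaming" user, with no per-user attributes, falls back to the profile values.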

LDAP Profiles vs. No-profiles

2005-03-28 Thread Jarred Cleem
I am setting up a test environment and I am having some problems.  Any help 
would be great.  I have the servers built very similarly to what is documented at 
http://www.freeradius.org/radiusd/doc/ldap_howto.txt.  I have created a few 
profiles like dialup, dsl, and isdn.  I have the server working in the test 
environment and it seems to function very well.  My question is how do I use 
profiles and still be able to pass specific attributes to the radius server 
that are dependent on the user.  For example, if the user has been assigned a 
static IP address.  Below is an example of the users file from the old 
Radius server that we are migrating off of.

# Entry for Customer 1 dedicated dsl
Customer1 Auth-Type = Local, Password = xx
   Service-Type = Framed-User,
   Framed-Protocol = PPP,
   Framed-IP-Address = 192.168.1.69,
   Framed-IP-Netmask = 255.255.255.252,
   Framed-Routing = Broadcast-Listen,
   Framed-Filter-Id = std.ppp,
   Framed-MTU = 1500,
   Framed-Compression = Van-Jacobsen-TCP-IP

# Entry for customer 2 dedicated dsl
Customer2 Auth-Type = Local, Password = xxx
   Service-Type = Framed-User,
   Framed-Protocol = PPP,
   Framed-IP-Address = 192.168.1.65,
   Framed-IP-Netmask = 255.255.255.252,
   Framed-Routing = Broadcast-Listen,
   Framed-Filter-Id = std.ppp,
   Framed-MTU = 1500,
   Framed-Compression = Van-Jacobsen-TCP-IP

# Entry for customer 3 dedicated dsl
Customer3 Auth-Type = Local, Password = xx
   Service-Type = Framed-User,
   Framed-Protocol = PPP,
   Framed-IP-Address = 192.168.1.177,
   Framed-IP-Netmask = 255.255.255.248,
   Framed-Routing = Broadcast-Listen,
   Framed-Filter-Id = std.ppp,
   Framed-MTU = 1500,
   Framed-Compression = Van-Jacobsen-TCP-IP

DEFAULT Auth-Type = System
   Fall-Through = Yes

DEFAULT Service-Type = Framed-User
   Framed-IP-Address = 255.255.255.254,
   Framed-MTU = 576,
   Service-Type = Framed-User,
   Fall-Through = Yes

#
# Default for PPP: dynamic IP address, PPP mode, VJ-compression.
# NOTE: we do not use Hint = PPP, since PPP might also be auto-detected
#   by the terminal server in which case there may not be a P suffix.
#   The terminal server sends Framed-Protocol = PPP for auto PPP.
#
DEFAULT Framed-Protocol = PPP
   Framed-Protocol = PPP,
   Framed-Compression = Van-Jacobson-TCP-IP

#
# Default for CSLIP: dynamic IP address, SLIP mode, VJ-compression.
#
DEFAULT Hint = CSLIP
   Framed-Protocol = SLIP,
   Framed-Compression = Van-Jacobson-TCP-IP

#
# Default for SLIP: dynamic IP address, SLIP mode.
#
DEFAULT Hint = SLIP
   Framed-Protocol = SLIP

--
Jarred F. Cleem
IS Manager
Multiband
2000 44th Street SW
Fargo, ND 58103
(W) 701-281-5376 (F)701-492-5376

