[RADIATOR] Additional radius attributes for particular users on shared realm :: how to?!!

2015-01-28 Thread Mohammed Alhaj Ali 
Hi,

I'd asking how to use AddToReply to add additional radius attributes for 
particular users on shared realm, for example if I've user name start with 
'xyz' then reply with additional radius attribute to requested NAS,
We already this configuration on Cisco AAA (car), and now we trying to migrate 
on radiator, below script were applied on CAR please let me know how to 
translate this to radiator configuration file.


(tcl script)...
if { [ string match xyz* $userName ] } {
 $response addProfile PPPoEProfile-XYZ-$realm

} else {
 $response addProfile PPPoEProfile-$realm


Attribute profile for any user start with 'xyz'

-- ls

[ //localhost/Radius/Profiles/PPPoEProfile-XYZ-1024.example.com/Attributes ]
Cisco-AVPair = ip:sub-qos-policy-in=ISP_1024_UpStream
Cisco-AVPair = ip:sub-qos-policy-out=ISP_1024_DownStream
Cisco-AVPair = lcp:interface-config=description *** XYZ ***
Cisco-AVPair = lcp:interface-config=ip vrf forwarding xyz
Cisco-AVPair = lcp:interface-config=ip unnumbered loopback 99
Framed-MTU = 1492
Framed-Protocol = PPP
Service-Type = Framed




___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator

Re: [RADIATOR] Additional radius attributes for particular users on shared realm :: how to?!!

2015-01-28 Thread Hugh Irvine 

Hello -

The answer to this depends on what else you are doing in your configuration 
file.

The simplest way to do it is with Handlers (not Realms) like this:


…….

Handler User-Name = /^xyz/
AuthBy ….
…..
AddToReply cisco-avpair = 
ip:sub-qos-policy-in=ISP_1024_UpStream,
cisco-avpair = 
ip:sub-qos-policy-out=ISP_1024_DownStream,
cisco-avpair = lcp:interface-config=description 
*** XYZ ***”,
cisco-avpair = lcp:interface-config=ip vrf forwarding 
xyz”,
cisco-avpair = lcp:interface-config=ip unnumbered 
loopback 99”,
Framed-MTU = 1492,
Framed-Protocol = PPP,
Service-Type = Framed-User
/AuthBy
/Handler

Handler
AuthBy ….
…..
/AuthBy
/Handler

…..


There are many other possibilities depending on your exact requirements.

regards

Hugh


 On 29 Jan 2015, at 00:32, Mohammed Alhaj Ali m.al...@itc.sa wrote:
 
 Hi,
 
 I'd asking how to use AddToReply to add additional radius attributes for 
 particular users on shared realm, for example if I've user name start with 
 'xyz' then reply with additional radius attribute to requested NAS,
 We already this configuration on Cisco AAA (car), and now we trying to 
 migrate on radiator, below script were applied on CAR please let me know how 
 to translate this to radiator configuration file.
 
 
 (tcl script)...
 if { [ string match xyz* $userName ] } {
 $response addProfile PPPoEProfile-XYZ-$realm
 
 } else {
 $response addProfile PPPoEProfile-$realm
 
 
 Attribute profile for any user start with 'xyz'
 
 -- ls
 
 [ //localhost/Radius/Profiles/PPPoEProfile-XYZ-1024.example.com/Attributes ]
Cisco-AVPair = ip:sub-qos-policy-in=ISP_1024_UpStream
Cisco-AVPair = ip:sub-qos-policy-out=ISP_1024_DownStream
Cisco-AVPair = lcp:interface-config=description *** XYZ ***
Cisco-AVPair = lcp:interface-config=ip vrf forwarding xyz
Cisco-AVPair = lcp:interface-config=ip unnumbered loopback 99
Framed-MTU = 1492
Framed-Protocol = PPP
Service-Type = Framed
 
 
 
 
 ___
 radiator mailing list
 radiator@open.com.au
 http://www.open.com.au/mailman/listinfo/radiator


--

Hugh Irvine
h...@open.com.au

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER, SIM, etc. 
Full source on Unix, Linux, Windows, MacOSX, Solaris, VMS, NetWare etc.

___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator