Problems authenticating and assigning DHCP addresses
jck-freeradius at southwestern.edu
jck-freeradius at southwestern.edu
Sun Jul 10 00:36:22 CEST 2005
Zoltan,
On Sat, Jul 09, 2005 at 06:21:37PM -0400, Zoltan A. Ori wrote:
> On Saturday 09 July 2005 16:45, jck-freeradius at southwestern.edu wrote:
>
> > My first question is:
> >
> > How do I tie all of this together with a DHCPd server, so that they
> > authenticated clients can be assigned an IP address. I am using
> > VLAN tunnel attributes so that, when DHCP support /is/ implemented, I
> > can assign different IP addresses with different access privileges.
> >
> > How can I implement a DHCPd server into my configuration?
> >
>
> Since you are using VLANs and want different IP ranges for different access
> privileges, I would suggest you use Q-Trunks if your network equipment
We currently do dot-Q trunking of VLANS, and my testing AP has been setup
to support the configuration. Let me know if you are referring to
something else.
> permits. Build a DHCP scope for each VLAN address range, then assign the
By scope, yes, we have a ISC DHCPd server setup to give out DHCP IP
addresses, based on VLAN DHCP request.
> gateway and helper address to each virtual interface of the trunks on your
> router. This has nothing to do with RADIUS and should be covered in your
> router, switch and access point manuals.
I was under the impression that if my TCP/IP stach was setup for DHCP,
and I received an Access-Accept packet from FreeRadius, that my supplicant
would go out and request an IP address. Is this not correct? It is not
working for me.
In addition, I also am wondering why I can only use "Attribute=Password" for
successful authentication, and not "Attribute=Crypt-Password". Crypt-Password
works fine when tested through radtest.
>
> Zoltan Ori
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
--johnk
More information about the Freeradius-Users
mailing list