Authenticate/Attributes based on NAS-IP-Address

Wed Jun 8 21:52:28 CEST 2005

Jeff Green wrote:

>Hi Nick,
>
>
>		I've modified FreeRadius to retrieve NAS specific reply
>items from
>a (Postgresql) table as I have three different NAS h/w that users can
>connect using
>- they have different IP pools.
>
>Is this similar to what you want to do ?
>
>
>				Regards,
>
> 
>
>-----Original Message-----
>From: freeradius-users-bounces at lists.freeradius.org
>[mailto:freeradius-users-bounces at lists.freeradius.org] On Behalf Of N
>White
>Sent: 07 June 2005 22:29
>To: FreeRadius users mailing list
>Subject: Authenticate/Attributes based on NAS-IP-Address
>
>Using MySQL as a backend, is there any way to configure Authentication
>and Attribute (replies), based on the NAS-IP-Address sent to the
>FreeRADIUS server? Allow requests from NAS1 to authenticate and have
>certain attributes for users in that group and then allow requests from
>NAS2 to authenticate and have different attributes. Would there be
>anyway to allow a user to be a part of both groups?
>
>Thanks,
>Nick
>-
>List info/subscribe/unsubscribe? See
>http://www.freeradius.org/list/users.html
>
>------------------------------------------------------------------------
>Confidentiality Note: The information contained in this email and document(s)
>attached are for the exclusive use of the addressee and may contain confidential,
>privileged and non-disclosable information. If the recipient of this email is not
>the addressee, such recipient is strictly prohibited from reading, photocopying,
>distribution or otherwise using this email or its contents in any way.
>
>Please notify the Sapiens (UK) Ltd. Systems Administrator via e-mail immediately at
>networksupport at sapiens.co.uk, if you have received this email in error.
>
>Disclaimer: The views, opinions and guidelines contained in this confidential
>e-mail are those of the originating author and may not be representative of Sapiens (UK) Ltd.
>------------------------------------------------------------------------
>
>- 
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
>__________ NOD32 1.1133 (20050608) Information __________
>
>This message was checked by NOD32 antivirus system.
>http://www.eset.com
>
>
>
>  
>
Here's my other post:
Actually I already have two running FreeRADIUS servers with SQL. That 
isn't the hard part. The problem with your instructions is that I'm not 
using ippool to assign dynamic IPs, our NASes are doing that (Portmaster 
2/3). I don't have a problem setting up static IPs either, as we have 
several Dial-Up users who need those also. The problem lies in that I 
want to use the RADIUS server for PPPoE authentication also. But I want 
to allow users who log in through PPPoE to also be able to log in 
regularly(Dial-Up), when their PPPoE isn't logged in. BUT, when they log 
in through PPPoE, I want them to be assigned a static IP, when they 
login via Portmasters/Dial-Up, then they don't get the static IP, they 
get a regular dynamic one.
Basically if a user logs in through NAS1, they are assigned X attributes 
with dynamic IP, if they log in through NAS2, they are assigned Y 
attributes with a static IP. And all this needs to be done in MySQL, 
that way my own PHP frontend(which I intend to release GPL) can work 
with it. Also I think MySQL scales better.

-Nick