FreeRadius, three NAS types and users privileges

Robert Hass robhass at gmail.com
Sun Jun 18 14:51:55 CEST 2006


Hi

My current network is running DSL services (PPPoE), Dial-Up services
and VPN services. All NAS devices are Cisco - 7206VXR BRAS for DSL,
AS5300 for Dial-Up and Cisco PIX520 for VPN (EasyVPN). Currently all
those NASes uses one common FreeRadius (all data is in MySQL).

The problem is that DSL user can configure their PPPoE connection as
username from Dial-Up user (eg. ppp/ppp) and there will be no
rate-limit on his connection (VirtualAccess interface). Silimar problem
with VPNs - sometimes we have duplicated login names...

Is any way to resolv this issue other than installing 3 FreeRadiuses
using different MySQL databases, and different TCP/UDP ports ?

I was wondering about class in MySQL database, eg.

class = 0		Dialup
class = 1		DSL
class = 2		VPN
class = ...		...

And and 'class' varible into USERS and NAS tables. I'm looking for
ready solution for above described problem.

Robert Hass



More information about the Freeradius-Users mailing list