assigning different ippools according to huntgroups
- To: "FreeRadius users mailing list" <freeradius-users@lists.freeradius.org>
- Subject: assigning different ippools according to huntgroups
- From: "Ami Schieber" <ami.schieber@gmail.com>
- Date: Tue, 19 Sep 2006 16:37:34 +0300
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:mime-version:content-type; b=oOvLVtYCiw+aH2be2r+eGbuVE4HI44HBq7PvPtb5ZpgrLPx1wgxzhh2YAkzZaTtbXApllIA4BWr0yVUriq/R7mOYmGYUo8t/JGOdELapZwsvj4NdRTCyN5udaljl8B+Qa6of5v226h2SzKU2DRuJ92ebaujoOi7q3wDhE707MRc=
- Reply-to: FreeRadius users mailing list <freeradius-users@lists.freeradius.org>
Hi,
I have 3 NAS and want to assign Framed-IP-Address from 3 different IP pools according to the NAS the user logs in from.
Config below looks fine to me and I can see that the huntgroup is indeed matched but there seems to be a problem with the postauth definition.
Please advise,
Ami
My config has :
huntgroups:
t1 NAS-IP-Address == 172.16.2.1
t2 NAS-IP-Address == 172.16.3.1
d1 NAS-IP-Address == 172.16.4.1
users:
DEFAULT Huntgroup-Name == "t1"
Pool-Name := Pool-t1,
Fall-Through = No
DEFAULT Huntgroup-Name == "t2"
Pool-Name := Pool-t2,
Fall-Through = No
DEFAULT Huntgroup-Name == "d1"
Pool-Name := Pool-d1,
Fall-Through = No
Radiusd.conf:
ippool Pool-t1 {
range-start = 172.16.2.30
range-stop =
172.16.2.50
netmask = 255.255.255.0
cache-size = 20
session-db = ${raddbdir}/t1db.ippool
ip-index = ${raddbdir}/t1db.ipindex
}
ippool Pool-t2 {
range-start = 172.16.3.30
range-stop = 172.16.3.50
netmask =
255.255.255.0
cache-size = 20
session-db = ${raddbdir}/t2db.ippool
ip-index = ${raddbdir}/t2db.ipindex
}
ippool Pool-d1 {
range-start = 172.16.4.30
range-stop = 172.16.4.50
netmask = 255.255.255.0
cache-size = 20
session-db = ${raddbdir}/d1db.ippool
ip-index = ${raddbdir}/d1db.ipindex
}
accounting {
radutmp
# Return an address to the IP Pool when we see a stop record.
Pool-t1
Pool-t2
Pool-d1
}
post-auth {
# Get an address from the IP Pool
Pool-t1
Pool-t2
Pool-d1
}
log:
rad_recv: Access-Request packet from host 172.16.3.1:32802, id=122, length=55
User-Name = "Ami"
User-Password = "ami123"
NAS-Port = 11
NAS-IP-Address = 172.16.3.1
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "mschap" returns noop for request 0
rlm_realm: No '@' in User-Name = "Ami", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 0
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 0
users: Matched entry Ami at line 26
users: Matched entry DEFAULT at line 41
modcall[authorize]: module "files" returns ok for request 0
modcall: leaving group authorize (returns ok) for request 0
auth: type Local
auth: user supplied User-Password matches local User-Password
Processing the post-auth section of radiusd.conf
modcall: entering group post-auth for request 0
rlm_ippool: Could not find Pool-Name attribute.
modcall[post-auth]: module "Pool-t1" returns noop for request 0
rlm_ippool: Could not find Pool-Name attribute.
modcall[post-auth]: module "Pool-t2" returns noop for request 0
rlm_ippool: Could not find Pool-Name attribute.
modcall[post-auth]: module "Pool-d1" returns noop for request 0
modcall: leaving group post-auth (returns noop) for request 0
Sending Access-Accept of id 122 to 172.16.3.1
port 32802
Finished request 0
radiusd.conf:
This archive was generated by a fusion of
Pipermail (Mailman edition) and
MHonArc.