DHCP 82 Option Controls

Maile Halatuituia maile.halatuituia at tcc.to
Thu Nov 21 20:03:39 CET 2019 

Hi I have this send to my FreeRadius Server from a BRAS that serves as a DHCP Server for Clients. I want to authorize my user using their phones number as send by the BRAS as the Calling-Station-Id below. I understand that I can't authenticate as this is DHCP, please correct me if I am wrong compare to PPPoE.

>From BRAS to FreeRadius Server

BRAS (Cisco ASR 1001) -->  Freeradius Version 3.0.15


*Nov 21 14:28:36: RADIUS:  User-Name           [1]   10  "67624029"
Nov 21 14:28:36: RADIUS:  User-Password       [2]   18
*Nov 21 14:28:36: RADIUS:  Calling-Station-Id  [31]  10  "67624029"
*Nov 21 14:28:36: RADIUS:  NAS-Port-Type       [61]  6   Virtual                   [5]
*Nov 21 14:28:36: RADIUS:  NAS-Port            [5]   6   0
*Nov 21 14:28:36: RADIUS:  NAS-Port-Id         [87]  35  "NUK-MSAN4 atm 16/13:0.34:67624029"
*Nov 21 14:28:36: RADIUS:  Vendor, Cisco       [26]  47
*Nov 21 14:28:36: RADIUS:   Cisco AVpair       [1]   41  "circuit-id-tag=NUK-MSAN4 atm 16/13:0.34"
*Nov 21 14:28:36: RADIUS:  Vendor, Cisco       [26]  30
*Nov 21 14:28:36: RADIUS:   Cisco AVpair       [1]   24  "remote-id-tag=67624029"
*Nov 21 14:28:36: RADIUS:  Service-Type        [6]   6   Outbound                  [5]
*Nov 21 14:28:36: RADIUS:  NAS-IP-Address      [4]   6   10.254.36.225
*Nov 21 14:28:36: RADIUS:  Acct-Session-Id     [44]  18  "0000000000000146"
*Nov 21 14:28:36: RADIUS:  Nas-Identifier      [32]  21  "HA_BNG3.kalianet.to"
*Nov 21 14:28:36: RADIUS:  Event-Timestamp     [55]  6   1574299716

My Default Server Control Portion.
This is the portion I believe it is relate to this where I attach some realm in this case (prepaid.to) .
if ( &WiMAX-BS-Id ) {
                perl
                mschap
        }
        else {
        if ( &Calling-Station-Id ) {
                update request {
                &User-Name := "%{%{Stripped-User-name}:-%{User-Name}}@prepaid.to"
                }
                        ### for keyed-balance
                update control {
                        &Load-Balance-Key := "%{Calling-Station-Id}"
                }
        }
        else {
                if ( &User-Name !~ /\@/ ){
                update request {
                        &User-Name := "%{User-Name}@kalianet.to"
                }
                }
        }

I am not sure I have this as a valid start or this does something other than what I want to achieve.
My problem I can summarise on these two points.


  1.  First how can I use my Calling Station to authorize the DHCP Clients. ???
  2.  Secondly if possible to do Authentication with Calling-Station-Id before address assigned to the Customer.???
Attached is the Debug File.



Confidentiality Notice: This email (including any attachment) is intended for internal use only. Any unauthorized use, dissemination or copying of the content is prohibited. If you are not the intended recipient and have received this e-mail in error, please notify the sender by email and delete this email and any attachment.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: DEBUG.RADIUS
Type: application/octet-stream
Size: 55086 bytes
Desc: DEBUG.RADIUS
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20191121/d5d7b2b1/attachment-0001.obj>

More information about the Freeradius-Users mailing list