Framed-Route ignored
Phil Mayers
p.mayers at imperial.ac.uk
Tue Dec 13 21:09:35 CET 2005
Arthur Sigel wrote:
> I have been trying to get this to work for a few days now with no
> success. I have set up poptop (PPTP) and it uses the
> /etc/ppp/options.pptp file which has a plugin for radius. plugin radius.so
>
>
This isn't a FreeRadius question, so it would be better to ask on the
pppd mailing list, but that said:
>
> Radius will authenticate with my users fine, but I can’t seem to get the
> Framed-Route option to do anything.
>
> I am trying to set a route for a mask and not just the single IP to
> device ppp connection.
>
>
>
> Does ppp just ignore the route and this option just doesn’t work with
> ppp or pptp? Is there a workaround?
Yes, ppp ignores this option. You would have to patch pppd to do what
you want directly.
However, there is also a "radattr" plugin, which puts the AVPs in
/var/run/radattr.pppN in the following format:
Framed-Route 10.0.0.0/24 0.0.0.0 1
...so you could use the "ip-up" script to do this:
#!/bin/sh
# ip-up script knows about framed-route
IFNAME=$1
PEERIP=$5
AVP_PATH=/var/run/radattr
egrep -i '^Framed-Route ' $AVP_PATH.$IFNAME | while read attr val1 valN
do
route add -net $val1 gw $PEERIP
done
...or something similar. You just need to have:
plugin radius.so
plugin radattr.so
...in your options file. Hope that helps.
More information about the Freeradius-Users
mailing list