Framed-Route ignored

[Arthur Sigel]

Thank you very much. I will make one alteration for any future viewers.
ip-up requires the full path of any executables.  So, route should be
/sbin/route or the path to route.

Thank you even though it is clearly a pppd issue as I understand now.

Arthur

-----Original Message-----
From: freeradius-users-bounces at lists.freeradius.org
[mailto:freeradius-users-bounces at lists.freeradius.org] On Behalf Of Phil
Mayers
Sent: Tuesday, December 13, 2005 2:10 PM
To: FreeRadius users mailing list
Subject: Re: Framed-Route ignored

Arthur wrote:
> I have been trying to get this to work for a few days now with no 
> success.  I have set up poptop (PPTP) and it uses the 
> /etc/ppp/options.pptp file which has a plugin for radius.  plugin
radius.so
> 
>  

This isn't a FreeRadius question, so it would be better to ask on the 
pppd mailing list, but that said:

> 
> Radius will authenticate with my users fine, but I can't seem to get the 
> Framed-Route option to do anything.
> 
> I am trying to set a route for a mask and not just the single IP to 
> device ppp connection.
> 
>  
> 
> Does ppp just ignore the route and this option just doesn't work with 
> ppp or pptp?  Is there a workaround?

Yes, ppp ignores this option. You would have to patch pppd to do what 
you want directly.

However, there is also a "radattr" plugin, which puts the AVPs in 
/var/run/radattr.pppN in the following format:

Framed-Route 10.0.0.0/24 0.0.0.0 1

...so you could use the "ip-up" script to do this:

#!/bin/sh

# ip-up script knows about framed-route
IFNAME=$1
PEERIP=$5
AVP_PATH=/var/run/radattr

egrep -i '^Framed-Route ' $AVP_PATH.$IFNAME | while read attr val1 valN
do
   route add -net $val1 gw $PEERIP
done

...or something similar. You just need to have:

plugin radius.so
plugin radattr.so

...in your options file. Hope that helps.
- 
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html