Multiple responses per user, based on NAS

John Mylchreest John.Mylchreest at ioko.com
Thu Mar 23 16:15:07 CET 2006 

Hi guys,

 

I’m currently mulling over two important things for us.

Before I state the problems though, any input would certainly be appreciated and also that we have this working at the moment, but it did require a schema change to support.

 

1: How would radius be able to respond with a different fixed IP address (or a set/subset of other attributes) from radreply, based on the NAS the user connected from?

2: why would you Proxy-To-Realm and point it to a different instance/box, instead of handle it all within the local realm? Ie: Why is handing off the request a good thing, instead of building the functionality into the LOCAL realm. I have my own opinions on this, but I’d like some group input.

 

Currently we have a nasty hack where in the radreply we have an additional field which links to the NAS. In the SQL query (this is all sql backed) we link the NAS field to the real NAS and therefore selectively respond with a different fixed IP, or set of attributes.

 

This as stated, requires a schema hack and I would like to support it without. How would you go about it?

For the record, the same goes against radgroupcheck/reply but that should follow suit with any solution.

 

Any suggestions welcome,

Cheers.

 

John

 

--

John Mylchreest

ioko

T: +44 (0)1904 438000 x324

M: +44 (0)7730 529047

E: john.mylchreest at ioko.com

 



Communications on or through ioko's computer systems may be monitored or recorded to secure effective system operation and for other lawful purposes.

Unless otherwise agreed expressly in writing, this communication is to be treated as confidential and the information in it may not be used or disclosed except for the purpose for which it has been sent. If you have reason to believe that you are not the intended recipient of this communication, please contact the sender immediately. No employee is authorised to conclude any binding agreement on behalf of ioko with another party by e-mail without prior express written confirmation.

ioko365 Ltd.  VAT reg 656 2443 31. Reg no 3048367. All rights reserved.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060323/2be95f1b/attachment.html>

More information about the Freeradius-Users mailing list