Assign IP based on CallingStationID.
Peter Nixon
listuser at peternixon.net
Thu Nov 9 10:27:33 CET 2006
Hi Banga
We have a large system in production that does almost exactly what you state.
It can all be done with a few modifications of the sql queries. (Infact we
have a rather complex postgresql stored procedure, but one simpler query is
possible depending on what you need).
If you wish to assign dynamic ips, but bound to callingstationid, not username
this is also possible with sqlippool.. Read the comments in the config file
in cvs.
Cheers
Peter
On Thu 09 Nov 2006 11:10, banga wrote:
> I use dafault table-layout.
> How I understand you just change username authentication to
> callingstationid authentication inside sql.conf. Thx, it’s really good
> idea. I think that I could do the same by myself, but it will take a time.
> Therefore any examples will be very useful. Can you post it here?
> If It’s too big you can send it to me - “nebula-at-inbox-lv”.
>
> >From other side, I need username/password authentication also (for other
>
> users) therefore it will be difficult to implement this ( may be I’ll
> install another freeradius specially for that).
>
> In my situation radius for some users check username/password, for other
> users it should do the next:
> check username/password/callingstationid (in fact username and password
> always the same)
> if callingstationid has specific value (can be dosen specifc
> callingstationid_s) then replay accept and some specific IP for each
> specific callingstationid or just assign ip from radius pool.
> if callingstationid is not in the list of “specific callingstationid” then
> just replay accept and NAS will assign ip from equipment’s IP pool
>
> Main Idea: For now most users has the same username and password and it is
> not possible to change anything in that. Some callingstationid is not
> friendly for my network (they should have only http traffic). That’s why I
> want to assign them IP from specific pool – I going to setup firewall rules
> for a such IPs.
>
> Any idea ?
>
> John Longland wrote:
> > Yes, I have just done it.
> >
> > You need to change the sql-statement in /etc/raddb/sql.conf
> >
> > That is the
> > autorize_check_query.Depending on how you use your tables, the query
> > that I am using may or may not work. If you want I can give you the
> > one that works for me if you supply your table-layout.
> >
> > JOhn
> > P.S> The statement I use does NOT check username/password !!!
> >
> > -----Original Message-----
> > From:
> > freeradius-users-bounces+jlongland=grintek.com at lists.freeradius.org
> > [mailto:freeradius-users-bounces+jlongland=grintek.com at lists.freeradius.
> > org]On Behalf Of banga
> > Sent: 08 November 2006 11:37
> > To: freeradius-users at lists.freeradius.org
> > Subject: Assign IP based on CallingStationID.
> >
> >
> >
> > Hello all.
> > I use freeradius ver. 1.1.1 + mysql.
> > I use same login/password for couple of users but they has different
> > callingstationid.
> > Is it possible to check callingstationid and asiighn IP based on it?
> > Do I need to create some additional tables in mysql for that?
> >
> > Thx.
> >
> > --
> > View this message in context:
> > http://www.nabble.com/Assign-IP-based-on-CallingStationID.-tf2594146.html
> >#a7 235317
> > Sent from the FreeRadius - User mailing list archive at Nabble.com.
> >
> > -
> > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
> >
> > -
> > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
--
Peter Nixon
http://www.peternixon.net/
PGP Key: http://www.peternixon.net/public.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20061109/f4998a55/attachment.pgp>
More information about the Freeradius-Users
mailing list