assigning different ippools according to huntgroups
Ami Schieber
ami.schieber at gmail.com
Tue Sep 19 15:37:34 CEST 2006
Hi,
I have 3 NAS and want to assign Framed-IP-Address from 3 different IP pools
according to the NAS the user logs in from.
Config below looks fine to me and I can see that the huntgroup is indeed
matched but there seems to be a problem with the postauth definition.
Please advise,
Ami
My config has :
huntgroups:
t1 NAS-IP-Address == 172.16.2.1
t2 NAS-IP-Address == 172.16.3.1
d1 NAS-IP-Address == 172.16.4.1
users:
DEFAULT Huntgroup-Name == "t1"
Pool-Name := Pool-t1,
Fall-Through = No
DEFAULT Huntgroup-Name == "t2"
Pool-Name := Pool-t2,
Fall-Through = No
DEFAULT Huntgroup-Name == "d1"
Pool-Name := Pool-d1,
Fall-Through = No
Radiusd.conf:
ippool Pool-t1 {
range-start = 172.16.2.30
range-stop = 172.16.2.50
netmask = 255.255.255.0
cache-size = 20
session-db = ${raddbdir}/t1db.ippool
ip-index = ${raddbdir}/t1db.ipindex
}
ippool Pool-t2 {
range-start = 172.16.3.30
range-stop = 172.16.3.50
netmask = 255.255.255.0
cache-size = 20
session-db = ${raddbdir}/t2db.ippool
ip-index = ${raddbdir}/t2db.ipindex
}
ippool Pool-d1 {
range-start = 172.16.4.30
range-stop = 172.16.4.50
netmask = 255.255.255.0
cache-size = 20
session-db = ${raddbdir}/d1db.ippool
ip-index = ${raddbdir}/d1db.ipindex
}
accounting {
radutmp
# Return an address to the IP Pool when we see a stop record.
Pool-t1
Pool-t2
Pool-d1
}
post-auth {
# Get an address from the IP Pool
Pool-t1
Pool-t2
Pool-d1
}
log:
rad_recv: Access-Request packet from host 172.16.3.1:32802, id=122,
length=55
User-Name = "Ami"
User-Password = "ami123"
NAS-Port = 11
NAS-IP-Address = 172.16.3.1
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "mschap" returns noop for request 0
rlm_realm: No '@' in User-Name = "Ami", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 0
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 0
users: Matched entry Ami at line 26
users: Matched entry DEFAULT at line 41
modcall[authorize]: module "files" returns ok for request 0
modcall: leaving group authorize (returns ok) for request 0
auth: type Local
auth: user supplied User-Password matches local User-Password
Processing the post-auth section of radiusd.conf
modcall: entering group post-auth for request 0
rlm_ippool: Could not find Pool-Name attribute.
modcall[post-auth]: module "Pool-t1" returns noop for request 0
rlm_ippool: Could not find Pool-Name attribute.
modcall[post-auth]: module "Pool-t2" returns noop for request 0
rlm_ippool: Could not find Pool-Name attribute.
modcall[post-auth]: module "Pool-d1" returns noop for request 0
modcall: leaving group post-auth (returns noop) for request 0
Sending Access-Accept of id 122 to 172.16.3.1 port 32802
Finished request 0
radiusd.conf:
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060919/f2ef932c/attachment.html>
More information about the Freeradius-Users
mailing list