assigning different ippools according to huntgroups
Ami Schieber
ami.schieber at gmail.com
Tue Sep 19 16:08:15 CEST 2006
Solved.
Pool-Name is a check item :
users:
DEFAULT Huntgroup-Name == "t1", Pool-Name := Pool-t1
Fall-Through = No
DEFAULT Huntgroup-Name == "t2", Pool-Name := Pool-t2
Fall-Through = No
DEFAULT Huntgroup-Name == "d1", Pool-Name := Pool-d1
Fall-Through = No
On 9/19/06, Ami Schieber <ami.schieber at gmail.com> wrote:
>
> Hi,
>
> I have 3 NAS and want to assign Framed-IP-Address from 3 different IP
> pools according to the NAS the user logs in from.
> Config below looks fine to me and I can see that the huntgroup is indeed
> matched but there seems to be a problem with the postauth definition.
>
> Please advise,
>
> Ami
>
> My config has :
>
> huntgroups:
>
> t1 NAS-IP-Address == 172.16.2.1
>
> t2 NAS-IP-Address == 172.16.3.1
>
> d1 NAS-IP-Address == 172.16.4.1
>
> users:
>
> DEFAULT Huntgroup-Name == "t1"
> Pool-Name := Pool-t1,
> Fall-Through = No
>
> DEFAULT Huntgroup-Name == "t2"
> Pool-Name := Pool-t2,
> Fall-Through = No
>
> DEFAULT Huntgroup-Name == "d1"
> Pool-Name := Pool-d1,
> Fall-Through = No
>
> Radiusd.conf:
>
> ippool Pool-t1 {
> range-start = 172.16.2.30
> range-stop = 172.16.2.50
> netmask = 255.255.255.0
> cache-size = 20
> session-db = ${raddbdir}/t1db.ippool
> ip-index = ${raddbdir}/t1db.ipindex
> }
>
> ippool Pool-t2 {
> range-start = 172.16.3.30
> range-stop = 172.16.3.50
> netmask = 255.255.255.0
> cache-size = 20
> session-db = ${raddbdir}/t2db.ippool
> ip-index = ${raddbdir}/t2db.ipindex
> }
>
> ippool Pool-d1 {
> range-start = 172.16.4.30
> range-stop = 172.16.4.50
> netmask = 255.255.255.0
> cache-size = 20
> session-db = ${raddbdir}/d1db.ippool
> ip-index = ${raddbdir}/d1db.ipindex
> }
>
> accounting {
> radutmp
> # Return an address to the IP Pool when we see a stop record.
> Pool-t1
> Pool-t2
> Pool-d1
> }
>
> post-auth {
> # Get an address from the IP Pool
> Pool-t1
> Pool-t2
> Pool-d1
> }
>
>
>
>
> log:
>
> rad_recv: Access-Request packet from host 172.16.3.1:32802, id=122,
> length=55
> User-Name = "Ami"
> User-Password = "ami123"
> NAS-Port = 11
> NAS-IP-Address = 172.16.3.1
> Processing the authorize section of radiusd.conf
> modcall: entering group authorize for request 0
> modcall[authorize]: module "preprocess" returns ok for request 0
> modcall[authorize]: module "chap" returns noop for request 0
> modcall[authorize]: module "mschap" returns noop for request 0
> rlm_realm: No '@' in User-Name = "Ami", looking up realm NULL
> rlm_realm: No such realm "NULL"
> modcall[authorize]: module "suffix" returns noop for request 0
> rlm_eap: No EAP-Message, not doing EAP
> modcall[authorize]: module "eap" returns noop for request 0
> users: Matched entry Ami at line 26
> users: Matched entry DEFAULT at line 41
> modcall[authorize]: module "files" returns ok for request 0
> modcall: leaving group authorize (returns ok) for request 0
> auth: type Local
> auth: user supplied User-Password matches local User-Password
> Processing the post-auth section of radiusd.conf
> modcall: entering group post-auth for request 0
> rlm_ippool: Could not find Pool-Name attribute.
> modcall[post-auth]: module "Pool-t1" returns noop for request 0
> rlm_ippool: Could not find Pool-Name attribute.
> modcall[post-auth]: module "Pool-t2" returns noop for request 0
> rlm_ippool: Could not find Pool-Name attribute.
> modcall[post-auth]: module "Pool-d1" returns noop for request 0
> modcall: leaving group post-auth (returns noop) for request 0
> Sending Access-Accept of id 122 to 172.16.3.1 port 32802
> Finished request 0
>
>
>
>
> radiusd.conf:
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060919/c2a6f6ef/attachment.html>
More information about the Freeradius-Users
mailing list