Mikrotik ignores Framed-IP-Address

Marinko Tarlac mangia81 at gmail.com
Mon Nov 12 22:12:22 CET 2007 

Well I'm trying to use it. When I enter for example
ID |   UserName  |   Attribute  |   op

32 | user | Framed-IP-Address | 192.168.8.152 | :=

in radreply table, user should get static IP address (in this case 192.168.8.152) but this is ignored by Mikrotik because Framed-Pool is also available because user is inside specific group which has defined IP pool. When I delete IP pool from Mikrotik everything works fine... It seem that finally I will wrote specific perl or php script who will be dedicated to decide

if framed-ip-address exist send it to MT
	else send IP-pool name 




Re: Mikrotik ignores Framed-IP-Address (tnt at kalik.co.yu)
>    
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 12 Nov 2007 12:55:14 +0100
> From: <tnt at kalik.co.yu>
> Subject: Re: Mikrotik ignores Framed-IP-Address
> To: "FreeRadius users mailing list"
> 	<freeradius-users at lists.freeradius.org>
> Message-ID: <fXF2NwKz.1194868514.1514360.tnt at kalik.co.yu>
> Content-Type: text/plain; charset=ISO-8859-2
>
> Use one way to assign IP addresses: DHCP or radius. If you want to give
> static addresses to devices use dhcp pools (dynamic IP) and reservations
> (static IP); if you want to give static IPs to users than use radius
> ippool (dynamic IP) and (static) IP address assignment.
>
> Ivan Kalik
> Kalik Informatika ISP
>
> Dana 12/11/2007, "Marinko Tarlac" <mangia81 at gmail.com> pi?e:
>
>   
>> Hello
>>
>> I have freeradius and Mikrotik combination and here is the problem.
>> Freeradius is configured to use mysql database. When I add
>> Framed-IP-Address for certain user (in radreply table) For example
>>
>> 32  	user  	Framed-IP-Address  	10.51.8.152  	:=
>>
>> It works but only if I don't have IP pool created on Mikrotik. If I
>> create IP pool than Framed-IP-Address is ignored. Framed-Pool is
>> specified for every group and attributes for every group is added in
>> radgroupreply table.
>>
>> Log without IP pool
>>
>> rad_recv: Access-Request packet from host 192.168.1.7:1026, id=229, length=149
>>        Service-Type = Framed-User
>>        Framed-Protocol = PPP
>>        NAS-Port = 870
>>        NAS-Port-Type = Ethernet
>>        User-Name = "admin-test"
>>        Calling-Station-Id = "00:C0:CA:18:75:B3"
>>        Called-Station-Id = "radius"
>>        NAS-Port-Id = "ether1"
>>        CHAP-Challenge = 0x89a28dc77659b6311a88c16eb7500767
>>        CHAP-Password = 0x01d385ce5c814c1d1db9cafadb4736c351
>>        NAS-Identifier = "1.7 - h-0"
>>        NAS-IP-Address = 192.168.1.7
>>  rlm_chap: Setting 'Auth-Type := CHAP'
>> rlm_sql (sql): Reserving sql socket id: 4
>> rlm_sql (sql): Released sql socket id: 4
>>  rlm_chap: login attempt by "admin-test" with CHAP password
>>  rlm_chap: Using clear text password "perica" for user admin-test
>> authentication.
>>  rlm_chap: chap user admin-test authenticated succesfully
>> Sending Access-Accept of id 229 to 192.168.1.7 port 1026
>>        Framed-IP-Address := 192.168.8.152
>>        Framed-MTU = 576
>>        Service-Type = Framed-User
>>        Framed-Protocol = PPP
>>        Framed-Compression = Van-Jacobson-TCP-IP
>>        Ascend-Data-Rate := 0
>>        Ascend-Xmit-Rate := 0
>>        Framed-Pool := "radius"
>>
>> Log with created IP pool called "radius"
>>
>> rad_recv: Access-Request packet from host 192.168.1.7:1027, id=240, length=149
>>        Service-Type = Framed-User
>>        Framed-Protocol = PPP
>>        NAS-Port = 872
>>        NAS-Port-Type = Ethernet
>>        User-Name = "admin-test"
>>        Calling-Station-Id = "00:C0:CA:18:75:B3"
>>        Called-Station-Id = "radius"
>>        NAS-Port-Id = "ether1"
>>        CHAP-Challenge = 0x5293ac8321ad51693a5e3109f8887511
>>        CHAP-Password = 0x01b0a9f7bca1f632878bee51c13d667f5c
>>        NAS-Identifier = "1.7 - h-0"
>>        NAS-IP-Address = 192.168.1.7
>>  rlm_chap: Setting 'Auth-Type := CHAP'
>> rlm_sql (sql): Reserving sql socket id: 4
>> rlm_sql (sql): Released sql socket id: 4
>>  rlm_chap: login attempt by "admin-test" with CHAP password
>>  rlm_chap: Using clear text password "perica" for user admin-test
>> authentication.
>>  rlm_chap: chap user admin-test authenticated succesfully
>> Sending Access-Accept of id 240 to 192.168.1.7 port 1027
>>        Framed-IP-Address := 192.168.8.152
>>        Framed-MTU = 576
>>        Service-Type = Framed-User
>>        Framed-Protocol = PPP
>>        Framed-Compression = Van-Jacobson-TCP-IP
>>        Ascend-Data-Rate := 0
>>        Ascend-Xmit-Rate := 0
>>        Framed-Pool := "radius"
>> rad_recv: Accounting-Request packet from host 192.168.1.7:1027,
>> id=241, length=146
>>        Service-Type = Framed-User
>>        Framed-Protocol = PPP
>>        NAS-Port = 872
>>        NAS-Port-Type = Ethernet
>>        User-Name = "admin-test"
>>        Calling-Station-Id = "00:C0:CA:18:75:B3"
>>        Called-Station-Id = "radius"
>>        NAS-Port-Id = "ether1"
>>        Acct-Session-Id = "81d00316"
>>        Framed-IP-Address = 192.168.8.159
>>        Acct-Authentic = RADIUS
>>        Acct-Status-Type = Start
>>        NAS-Identifier = "1.7 - h-0"
>>        NAS-IP-Address = 192.168.1.7
>>        Acct-Delay-Time = 0
>> rlm_sql (sql): Reserving sql socket id: 3
>> rlm_sql (sql): Released sql socket id: 3
>> Sending Accounting-Response of id 241 to 192.168.1.7 port 1027
>>
>> Any ideas?
>>     
>
>

More information about the Freeradius-Users mailing list