Mikrotik ignores Framed-IP-Address
Marinko Tarlac
mangia81 at gmail.com
Mon Nov 12 22:12:22 CET 2007
Well I'm trying to use it. When I enter for example
ID | UserName | Attribute | op
32 | user | Framed-IP-Address | 192.168.8.152 | :=
in radreply table, user should get static IP address (in this case 192.168.8.152) but this is ignored by Mikrotik because Framed-Pool is also available because user is inside specific group which has defined IP pool. When I delete IP pool from Mikrotik everything works fine... It seem that finally I will wrote specific perl or php script who will be dedicated to decide
if framed-ip-address exist send it to MT
else send IP-pool name
Re: Mikrotik ignores Framed-IP-Address (tnt at kalik.co.yu)
>
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 12 Nov 2007 12:55:14 +0100
> From: <tnt at kalik.co.yu>
> Subject: Re: Mikrotik ignores Framed-IP-Address
> To: "FreeRadius users mailing list"
> <freeradius-users at lists.freeradius.org>
> Message-ID: <fXF2NwKz.1194868514.1514360.tnt at kalik.co.yu>
> Content-Type: text/plain; charset=ISO-8859-2
>
> Use one way to assign IP addresses: DHCP or radius. If you want to give
> static addresses to devices use dhcp pools (dynamic IP) and reservations
> (static IP); if you want to give static IPs to users than use radius
> ippool (dynamic IP) and (static) IP address assignment.
>
> Ivan Kalik
> Kalik Informatika ISP
>
> Dana 12/11/2007, "Marinko Tarlac" <mangia81 at gmail.com> pi?e:
>
>
>> Hello
>>
>> I have freeradius and Mikrotik combination and here is the problem.
>> Freeradius is configured to use mysql database. When I add
>> Framed-IP-Address for certain user (in radreply table) For example
>>
>> 32 user Framed-IP-Address 10.51.8.152 :=
>>
>> It works but only if I don't have IP pool created on Mikrotik. If I
>> create IP pool than Framed-IP-Address is ignored. Framed-Pool is
>> specified for every group and attributes for every group is added in
>> radgroupreply table.
>>
>> Log without IP pool
>>
>> rad_recv: Access-Request packet from host 192.168.1.7:1026, id=229, length=149
>> Service-Type = Framed-User
>> Framed-Protocol = PPP
>> NAS-Port = 870
>> NAS-Port-Type = Ethernet
>> User-Name = "admin-test"
>> Calling-Station-Id = "00:C0:CA:18:75:B3"
>> Called-Station-Id = "radius"
>> NAS-Port-Id = "ether1"
>> CHAP-Challenge = 0x89a28dc77659b6311a88c16eb7500767
>> CHAP-Password = 0x01d385ce5c814c1d1db9cafadb4736c351
>> NAS-Identifier = "1.7 - h-0"
>> NAS-IP-Address = 192.168.1.7
>> rlm_chap: Setting 'Auth-Type := CHAP'
>> rlm_sql (sql): Reserving sql socket id: 4
>> rlm_sql (sql): Released sql socket id: 4
>> rlm_chap: login attempt by "admin-test" with CHAP password
>> rlm_chap: Using clear text password "perica" for user admin-test
>> authentication.
>> rlm_chap: chap user admin-test authenticated succesfully
>> Sending Access-Accept of id 229 to 192.168.1.7 port 1026
>> Framed-IP-Address := 192.168.8.152
>> Framed-MTU = 576
>> Service-Type = Framed-User
>> Framed-Protocol = PPP
>> Framed-Compression = Van-Jacobson-TCP-IP
>> Ascend-Data-Rate := 0
>> Ascend-Xmit-Rate := 0
>> Framed-Pool := "radius"
>>
>> Log with created IP pool called "radius"
>>
>> rad_recv: Access-Request packet from host 192.168.1.7:1027, id=240, length=149
>> Service-Type = Framed-User
>> Framed-Protocol = PPP
>> NAS-Port = 872
>> NAS-Port-Type = Ethernet
>> User-Name = "admin-test"
>> Calling-Station-Id = "00:C0:CA:18:75:B3"
>> Called-Station-Id = "radius"
>> NAS-Port-Id = "ether1"
>> CHAP-Challenge = 0x5293ac8321ad51693a5e3109f8887511
>> CHAP-Password = 0x01b0a9f7bca1f632878bee51c13d667f5c
>> NAS-Identifier = "1.7 - h-0"
>> NAS-IP-Address = 192.168.1.7
>> rlm_chap: Setting 'Auth-Type := CHAP'
>> rlm_sql (sql): Reserving sql socket id: 4
>> rlm_sql (sql): Released sql socket id: 4
>> rlm_chap: login attempt by "admin-test" with CHAP password
>> rlm_chap: Using clear text password "perica" for user admin-test
>> authentication.
>> rlm_chap: chap user admin-test authenticated succesfully
>> Sending Access-Accept of id 240 to 192.168.1.7 port 1027
>> Framed-IP-Address := 192.168.8.152
>> Framed-MTU = 576
>> Service-Type = Framed-User
>> Framed-Protocol = PPP
>> Framed-Compression = Van-Jacobson-TCP-IP
>> Ascend-Data-Rate := 0
>> Ascend-Xmit-Rate := 0
>> Framed-Pool := "radius"
>> rad_recv: Accounting-Request packet from host 192.168.1.7:1027,
>> id=241, length=146
>> Service-Type = Framed-User
>> Framed-Protocol = PPP
>> NAS-Port = 872
>> NAS-Port-Type = Ethernet
>> User-Name = "admin-test"
>> Calling-Station-Id = "00:C0:CA:18:75:B3"
>> Called-Station-Id = "radius"
>> NAS-Port-Id = "ether1"
>> Acct-Session-Id = "81d00316"
>> Framed-IP-Address = 192.168.8.159
>> Acct-Authentic = RADIUS
>> Acct-Status-Type = Start
>> NAS-Identifier = "1.7 - h-0"
>> NAS-IP-Address = 192.168.1.7
>> Acct-Delay-Time = 0
>> rlm_sql (sql): Reserving sql socket id: 3
>> rlm_sql (sql): Released sql socket id: 3
>> Sending Accounting-Response of id 241 to 192.168.1.7 port 1027
>>
>> Any ideas?
>>
>
>
More information about the Freeradius-Users
mailing list