Dynamic IP Allocation With Freeradius

Ivan Kalik tnt at kalik.net
Sat Apr 12 16:49:03 CEST 2008


>Dear Friends,
>
>Right now I have setup working of freeradius with mysql authentication. I have static & dynamic group created in mysql and all seems working. Currently static IPs are provided by radius with mysql backend. But dynamic IP is provided by Cisco Router. Cisco router is configured as PPPOE/PPPOA. Cisco does all authentication with freeradius. 
>
>Now what I want is to provided Dynamic IPs with freeradius instead of Cisco. I have searched alot and tried few setting but that didnt worked. Is it possible to configure USERS file and have all dynamic users get dynamically using USERS file ? I checked but wasnt sucessful. Or a solution in mysql itself. 
>
>For testing i had activated below config in radiusd.conf
>
>       ippool main_pool {
>
>                #  range-start,range-stop: The start and end ip
>                #  addresses for the ip pool
>                range-start = 192.168.1.1
>                range-stop = 192.168.3.254
>
>                #  netmask: The network mask used for the ip's
>                netmask = 255.255.255.0
>
>                #  cache-size: The gdbm cache size for the db
>                #  files. Should be equal to the number of ip's
>                #  available in the ip pool
>                cache-size = 800
>
>                # session-db: The main db file used to allocate ip's to clients
>                session-db = ${raddbdir}/db.ippool
>
>                # ip-index: Helper db index file used in multilink
>                ip-index = ${raddbdir}/db.ipindex
>
>                # override: Will this ippool override a Framed-IP-Address already set
>                override = no
>
>                # maximum-timeout: If not zero specifies the maximum time in seconds an
>                # entry may be active. Default: 0
>                maximum-timeout = 0
>        }
>
>
>main_pool in accounting & post-auth modules.

All you have to do is add Pool-Name := main_pool as a check item in user
configuration. Doesn't matter is it in users or sql. It makes sense to
make a group for dynamic users and add this to radgroupcheck. You should
also consider netmask 255.255.255.255 for PPP users. There is no reason
why would they see each other on the network.

>
>
>doing this and starting the radius gives me segmentation error. 
>

start or HUP?

Ivan Kalik
Kalik informatika ISP




More information about the Freeradius-Users mailing list