frammed ip adress

David Hláčik david at hlacik.eu
Mon Apr 14 16:28:06 CEST 2008


I will configure ippool vpn_main_pool {.... } in radius.conf
If i will use it in accounting section ( vpn_main_pool ) i will get
following error :]

adiusd.conf[1685]: vpn_main_pool: Module instantiation failed.
radiusd.conf[2112] Unknown module "vpn_main_pool".
radiusd.conf[2089] Failed to parse accounting section.

D.

2008/4/14 David Hláčik <david at hlacik.eu>:

> Can i before :
>
> DEFAULT   Ldap-Group == "GroupLetters", Pool-Name := letters
> DEFAULT   Ldap-Group == "GroupNumbers", Pool-Name := numbers
> add
>
> DEFAULT Pool-Name := vpn_main
>
> which will asign vpn_main pool to all other groups not defined in users
> file?
>
> Thanks!
>
> 2008/4/6 Ivan Kalik <tnt at kalik.net>:
>
> ldap looks fine to me, but I don't use it.
> >
> > Ivan Kalik
> > Kalik Informatika ISP
> >
> >
> > Dana 6/4/2008, "David Hláčik" <david at hlacik.eu> piše:
> >
> > >Thanks Ivan!,
> > >
> > >can i understand it like that my group structure in LDAP is okay, and
> > there
> > >is only need to add those to users file and it will work?
> > >
> > >D.
> > >
> > >2008/4/5 Ivan Kalik <tnt at kalik.net>:
> > >
> > >> DEFAULT   Ldap-Group == "GroupLetters", Pool-Name := letters
> > >>
> > >> DEFAULT   Ldap-Group == "GroupNumbers", Pool-Name := numbers
> > >>
> > >> Ivan Kalik
> > >> Kalik Informatika ISP
> > >>
> > >>
> > >> Dana 5/4/2008, "David Hláčik" <david at hlacik.eu> piše:
> > >>
> > >> >Hi,
> > >> >
> > >> >i will describe what i am trying to achieve.
> > >> >
> > >> >This is my sample ldap structure
> > >> >
> > >> >users (inetOrgPerson) :
> > >> >
> > >> >
> > >> >cn=User1,ou=Users,o=Polarion
> > >> >cn=User2,ou=Users,o=Polarion
> > >> >cn=UserA,ou=Users,o=Polarion
> > >> >cn=UserB,ou=Users,o=Polariong
> > >> >groups (GroupOfNames)
> > >> >
> > >> >cn=GroupNumbers,ou=Groups,o=Polarion
> > >> >      member=cn=User1,ou=Users,o=Polarion
> > >> >      member=cn=User2,ou=Users,o=Polarion
> > >> >
> > >> > cn=GroupLetters,ou=Groups,o=Polarion
> > >> >      member=cn=UserA,ou=Users,o=Polarion
> > >> >      member=cn=UserB,ou=Users,o=Polarion
> > >> >
> > >> >I want to be able to assign different poll-name per group
> > >> >
> > >> >for GroupNumbers Pool-Name number
> > >> >for GroupLetters Pool-Name letters
> > >> >
> > >> >How can i achieve this without adding any attribute to user entry?
> > (users
> > >> >have access to their dn, so they will be able to change it - this is
> > what
> > >> i
> > >> >want to block! , i know i can set readonly access in slapd.conf, but
> > this
> > >> is
> > >> >not what i want)
> > >> >
> > >> >1) One scenario i was thinking of is to add in radius to users file
> > :
> > >> >
> > >> >DEFAULT Pool-Name == numbers, Ldap-Group
> > >> >== cn=GroupNumbers,ou=Groups,o=Polarion
> > >> >  Fall-Through = no
> > >> >
> > >> >DEFAULT NAS-Port-Type == letters, Ldap-Group ==
> > >> >cn=GroupLetters,ou=Groups,o=Polarion
> > >> >  Fall-Through = no
> > >> >
> > >> >But what i need to add to ldap - configuration part in order to make
> > it
> > >> >work?
> > >> >
> > >> >Thanks very very much for help!
> > >> >
> > >> >Regards,
> > >> >
> > >> >David
> > >> >On Wed, Apr 2, 2008 at 12:13 PM, Ivan Kalik <tnt at kalik.net> wrote:
> > >> >
> > >> >> >So if i understand clear a i need to name and configure ip pool
> > parts
> > >> in
> > >> >> >radius.conf and than use this name as a Pool-Name in LDAp P?
> > >> >>
> > >> >> Yes.
> > >> >>
> > >> >> >Is there a
> > >> >> >chance to specify range directly in LDAP and not in ip pool?
> > >> >> >
> > >> >>
> > >> >> No, but there is sqlippool. Or use DHCP on your NAS. Or define IP
> > pools
> > >> >> on the NAS and select them with Framed-Pool if your NAS supports
> > it.
> > >> >> Cisco doesn't but you can set IP pool with avpairs.
> > >> >>
> > >> >> Ivan Kalik
> > >> >> Kalik Informatika ISP
> > >> >>
> > >> >>  -
> > >> >> List info/subscribe/unsubscribe? See
> > >> >> http://www.freeradius.org/list/users.html
> > >> >>
> > >> >
> > >> >
> > >>
> > >> -
> > >> List info/subscribe/unsubscribe? See
> > >> http://www.freeradius.org/list/users.html
> > >>
> > >
> >
> > -
> > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
> >
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080414/8ba75037/attachment.html>


More information about the Freeradius-Users mailing list