R: freeradius and IP pools

Arrigo Savio a.savio at bascom.it
Fri Dec 12 17:30:05 CET 2008 

OK. I have in proxy.conf:
realm with_ip {
        authhost        = LOCAL
        accthost        = LOCAL

realm without_ip {
        authhost        = LOCAL
        accthost        = LOCAL

Next I have mysql tables containing usernames:
mysql> select * from radcheck;
+----+----------+---------+--------------------+----+-------+
| id | username | realm   | attribute          | op | value |
+----+----------+---------+--------------------+----+-------+
|  1 | user     | with_ip | Cleartext-Password | := | ip    |
+----+----------+---------+--------------------+----+-------+
mysql> select * from radgroupcheck;
+----+-------------+-----------+----+----------+
| id | groupname   | attribute | op | value    |
+----+-------------+-----------+----+----------+
|  1 | withipgroup | Pool-Name | := | ip_pool |
+----+-------------+-----------+----+----------+
mysql> select * from radippool;
+----+-----------+-----------------+
| id | pool_name | framedipaddress |
+----+-----------+-----------------+
|  1 | ip_pool   | 10.0.0.1        |
|  2 | ip_pool   | 10.0.0.2        |
+----+-----------+-----------------+
mysql> select * from radusergroup;
+----------+---------+-------------+----------+
| username | realm   | groupname   | priority |
+----------+---------+-------------+----------+
| user     | with_ip | withipgroup |        1 |
+----------+---------+-------------+----------+

That's good for ip-provided users and it works. But I need to understand how
to configure the second user, the without-ip one.

Arrigo



-----Messaggio originale-----
Da: freeradius-users-bounces+a.savio=bascom.it at lists.freeradius.org
[mailto:freeradius-users-bounces+a.savio=bascom.it at lists.freeradius.org] Per
conto di tnt at kalik.net
Inviato: venerdì 12 dicembre 2008 17.02
A: FreeRadius users mailing list
Oggetto: Re: freeradius and IP pools

>For example:
>
>
>
>user at with_ip
>
>has to receive an IP from configured RADIPPOOL table
>
>
>
>user at without_ip
>
>has only to be authenticated (a user who log to a portal, for example).
>
>
>
>How can I make it possibile? Where can I setup this behaviuor?

Create those realms as local realms in proxy.conf. Put:

DEFAULT   Realm == with_ip, Pool-Name:= your_pool_name

in users file.

Ivan Kalik
Kalik Informatika ISP

More information about the Freeradius-Users mailing list