h3c:Framed-IP-Address cisco:'Calling-Station-Id'

Ivan Kalik tnt at kalik.net
Tue Jun 9 11:16:49 CEST 2009


>    i have a h3c route and a cisco route,i want to set a user only can
> telnet
> to this two route from a PC with ip address 192.168.1.22,but h3c route use
> Framed-IP-Address = 192.168.1.22, CISCO use Calling-Station-Id =
> "192.168.1.22"
> how to set in mysql  radcheck?
> --------------------------------------------------------
> 100, 'miaowang', 'Framed-IP-Address', '==', '192.168.1.21'
> 101, 'miaowang, 'Calling-Station-Id', '==', '192.168.1.21'
> ----------------------------------------------------
> the value upon is error ,how to config ?
>   thanks !                           miaowang
>
>
>
> Packet-Type = Access-Request
> Tue Jun  9 13:24:15 2009
> NAS-IP-Address = 192.168.1.4
> NAS-Port = 1
> Cisco-NAS-Port = "tty1"
> NAS-Port-Type = Virtual
> User-Name = "miaowang"
> Calling-Station-Id = "192.168.1.22"
> User-Password = "111111"
> Client-IP-Address = 192.168.1.4
>
>
> Packet-Type = Access-Request
> Fri Jun  5 09:48:31 2009
> NAS-IP-Address = 192.168.1.15
> NAS-Identifier = "Quidway"
> NAS-Port = 40961
> NAS-Port-Type = Ethernet
> Framed-IP-Address = 192.168.1.22
> User-Name = "miaowang"
> Calling-Station-Id = "0000-0000-0000"
> Service-Type = Login-User
> Login-IP-Host = 192.168.1.15
> Framed-MTU = 1500
> User-Password = "111111"
> Client-IP-Address = 192.168.1.15

You can't enforce this just using sql. Use users file or unlang.

Hint: routers have access lists. Why don't you use them? It's much more
efficient.

Ivan Kalik
Kalik Informatika ISP




More information about the Freeradius-Users mailing list