Overriding proxy response
Johan Meiring
jmeiring at pcservices.co.za
Mon Oct 5 10:26:01 CEST 2009
Alan DeKok wrote:
> Eric wrote:
>> What I need to do is look for MS-CHAP-Error 648 (which means the
>> password needs to be changed) and then add a different IP address and
>> filter + DNS server information in order for the end-user to be
>> redirected to a webserver.
>
> Right now, the server can't change a proxied Access-Reject to an
> Access-Accept. Even if it could, RADIUS doesn't support sending DNS
> information.
Captive portal is not always possible.
E.g. our local telco (Telkom) supports the above scheme for capped accoutings.
You may supply DNS servers via Radius attibutes to the NAS.
The NAS will then assign your DNS servers to the client in stead of the
standard telco DNS servers.
You then setup your DNS servers to fake it, and supply your "topup page" IP
address for and DNS request.
It is a silly scheme, but it is all they support.
--
Johan Meiring
Cape PC Services CC
Tel: (021) 883-8271
Fax: (021) 886-7782
More information about the Freeradius-Users
mailing list