authenticate realm no matter what username is

Barry Murphy barry at vibecommunications.co.nz
Fri Aug 26 11:16:50 CEST 2011


Hey guys,

We're an ISP providing ADSL services ourselves and on behalf of our wholesalers. I have a bunch of realms that are LOCAL and proxied which work with no issues. I'm trying to add realms of competitors to our radius so when customers are migrated from our competitors to our network they get authenticated and I drop them into a VRF displaying to them they need to change their login details. I've already got the VRF working, the forwarder page etc, I just can't seem to get users to authenticate with a wildcard *@dsl.competitor.co.nz

I have tried the following varies in users file…

DEFAULT User-Name =~ "~*\\.xnet\\.co\\.nz$"
Auth-Type := Accept,
Pool-Name := un-auth,
Service-Type = Framed-User,
Framed-Protocol = PPP,
Cisco-Avpair += "ip:vrf-id=Suspended",
Cisco-Avpair += "ip:ip-unnumbered=Loopback 1000",
Cisco-Avpair += "ip:dns-servers=14.1.33.1 120.136.0.25"

DEFAULT  Realm == "ihug.co.nz", Auth-Type := Accept

None work and all look for a username. So in the above scenarios I want anything at dsl.xnet.co.nz or whatever at ihug.co.nz to authenticate and be assigned an IP address from the pool and dropped into the vrf Suspended where I do my tricks based on their IP address to display a splash page advising the customer its time to modify their username & password on their router.

I've found many examples based on MAC authentication but none that work unfortunately.

Any help would be much appreciated

Thanks
Barry

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20110826/d1b6db10/attachment.html>


More information about the Freeradius-Users mailing list