Framed-IP-Address Help
Alan DeKok
aland at deployingradius.com
Tue Mar 10 23:45:22 CET 2020
On Mar 10, 2020, at 4:51 PM, Aurélio de Souza Ribeiro Neto <netolistas at mpc.com.br> wrote:
> In my default configuration file I did this change in authenticate
> session:
>
> Auth-Type mschap {
> mschap {
> reject = 1
> }
> if(reject) {
> update control {
> Pool-Name := "mkt_pool"
> }
> update reply {
> Mikrotik-Rate-Limit := "2M/2M"
> }
> ok
> }
> }
>
> This change is for give an IP from another POOL if the user is with
> invalid credentials.
You can send an Access-Accept, but it won't contain the correct MS-CHAP data. So the end user system will ignore it, and the IP address assignment.
> All works fine if the IP comes from DHCP, but if the user have a
> fixed IP then the IP is not changed.
It works fine for DHCP because DHCP doesn't do user authentication.
> How can I remove the fixed IP to force the user to receive an IP
> from pool that I choose?
You can't. The Access-Accept doesn't contain the correct MS-CHAP data.
Alan DeKok.
More information about the Freeradius-Users
mailing list