Framed-IP-Address Help
Aurélio de Souza Ribeiro Neto
netolistas at mpc.com.br
Wed Mar 11 20:32:58 CET 2020
Alan,
Thanks for the reply, but I don't know if I was clear and you
understood what I want.
If a user, whith Framed-IP-Address attibute uses a wrong password,
I want to change the attribute Framed-IP-Address to Pool-Name.
It's possible?
Thanks
Em 10/03/2020 19:45, Alan DeKok escreveu:
> On Mar 10, 2020, at 4:51 PM, Aurélio de Souza Ribeiro Neto <netolistas at mpc.com.br> wrote:
>> In my default configuration file I did this change in authenticate
>> session:
>>
>> Auth-Type mschap {
>> mschap {
>> reject = 1
>> }
>> if(reject) {
>> update control {
>> Pool-Name := "mkt_pool"
>> }
>> update reply {
>> Mikrotik-Rate-Limit := "2M/2M"
>> }
>> ok
>> }
>> }
>>
>> This change is for give an IP from another POOL if the user is with
>> invalid credentials.
> You can send an Access-Accept, but it won't contain the correct MS-CHAP data. So the end user system will ignore it, and the IP address assignment.
>
>> All works fine if the IP comes from DHCP, but if the user have a
>> fixed IP then the IP is not changed.
> It works fine for DHCP because DHCP doesn't do user authentication.
>
>> How can I remove the fixed IP to force the user to receive an IP
>> from pool that I choose?
> You can't. The Access-Accept doesn't contain the correct MS-CHAP data.
>
> Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list