The hungroups are fine to use, I didn't implement them until I went to MySQL. It helps to lock down things, and make sure everything is coming from the right place.
The OPS and DIALUP things are what I set up on our end. DIALUP covers all our customer dilaing in, DSL, isdn IE using PPP( this authenticates to our main RADIUS cluster). The OPS section is for our network operations department to auth to the routers via a separate FreeRadius/MySQL server for tracking purposes. It could use some tweaking, but have not had time. As for the 'Virtual', it was there when I started, though it does corolate to what Virtual Interfaces on the Cisco router. Since each customer doing PPPoE/PPPoA gets a VirtualInterface when they authenticate. If you have further questions post here or email me at the address below. Good luck.... Ross Reed rcreed at tecinfo.net -----Original Message----- From: DPaul Sparks [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 30, 2003 12:41 PM To: [EMAIL PROTECTED] Subject: Re: DSL, Cisco, static ip Thanks for your help Ross, I will give that a whirl later today... A couple of questions, though - >testuser Auth-Type =3D System,NAS-Port-Type =3D Virtual > User-Service-Type =3D Framed-User, > Framed-Protocol =3D PPP, > Framed-Address =3D 192.168.1.2, > Framed-Netmask =3D 255.255.255.255, > Framed-Route =3D "192.168.1.2/32 0.0.0.0 2", > Framed-Routing =3D None, > Framed-MTU =3D 1492 It appears that you're suggesting the "huntgroups" entries and references to be overkill. No need to explain if that is your opinion...I would just like to be certain that you've found no need for going that route while maintaining a functional setup. Secondly, where did you find reference to associate the NAS-Port-Type with 'Virtual'? And lastly, related to what's below: >aaa new-model >aaa group server radius OPS > server ****** auth-port 1645 acct-port 1646 >aaa group server radius DIALUP > server ****** auth-port 1812 acct-port 1813 > server ****** auth-port 1812 acct-port 1813 >aaa authentication login default local group OPS >aaa authentication ppp default group DIALUP local >aaa authorization exec default local group OPS >aaa authorization network default group DIALUP local >aaa accounting delay-start >aaa accounting exec default start-stop group OPS >aaa accounting network default start-stop group DIALUP >aaa accounting connection default start-stop group DIALUP >aaa nas port extended Apparently, your references to DIALUP and OPS have to do with..?..two different products? Does DIALUP refer to exactly what it says ? 56K dial-in users? And, what about OPS? Or, are these Cisco variables that I've just not stumbled across yet? Anyway...I truly appreciate what time you've taken to assist me. Thanks Again, D. Paul Sparks Operations rodinetechnology.com [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
