On Mon, 28 Mar 2005, Jarred Cleem wrote:
I am setting up a test environment and I am having some problems. Any help would be great. I have the servers build very similarly to what is document at http://www.freeradius.org/radiusd/doc/ldap_howto.txt. I have created a few profiles like dialup, dsl, and isdn. I have the server working in the test environment and it seems to function very well. My question is how do I use profiles and still be able to pass specific attributes to the radius server that are dependent on the user. For example, if the user has been assigned a static IP address. Below is an example of an of the users file from the old Radius server that we are migrating off of.
default profile: An ldap entry holding radius attributes. Defined in the ldap module configuration and used in all cases
regular profile: An ldap entry holding radius attributes. Defined in the user entry as an attribute pointing to the dn of that entry. Used when authorizing that specific user.
user profile: The attributes contained in the user entry. These attributes take precedence to the attributes defined in the above profiles. So in general you can use default/regular profiles to define default attributes used in most cases and then define any user specific attributes inside each user's entry.
# Entry for Customer 1 dedicated dsl Customer1 Auth-Type = Local, Password = "xxxxxx" Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Address = 192.168.1.69, Framed-IP-Netmask = 255.255.255.252, Framed-Routing = Broadcast-Listen, Framed-Filter-Id = "std.ppp", Framed-MTU = 1500, Framed-Compression = Van-Jacobsen-TCP-IP
# Entry for customer 2 dedicated dsl Customer2 Auth-Type = Local, Password = "xxxxxxx" Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Address = 192.168.1.65, Framed-IP-Netmask = 255.255.255.252, Framed-Routing = Broadcast-Listen, Framed-Filter-Id = "std.ppp", Framed-MTU = 1500, Framed-Compression = Van-Jacobsen-TCP-IP
# Entry for customer 3 dedicated dsl Customer3 Auth-Type = Local, Password = "xxxxxx" Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Address = 192.168.1.177, Framed-IP-Netmask = 255.255.255.248, Framed-Routing = Broadcast-Listen, Framed-Filter-Id = "std.ppp", Framed-MTU = 1500, Framed-Compression = Van-Jacobsen-TCP-IP
DEFAULT Auth-Type = System Fall-Through = Yes
DEFAULT Service-Type = Framed-User Framed-IP-Address = 255.255.255.254, Framed-MTU = 576, Service-Type = Framed-User, Fall-Through = Yes
# # Default for PPP: dynamic IP address, PPP mode, VJ-compression. # NOTE: we do not use Hint = "PPP", since PPP might also be auto-detected # by the terminal server in which case there may not be a "P" suffix. # The terminal server sends "Framed-Protocol = PPP" for auto PPP. # DEFAULT Framed-Protocol = PPP Framed-Protocol = PPP, Framed-Compression = Van-Jacobson-TCP-IP
# # Default for CSLIP: dynamic IP address, SLIP mode, VJ-compression. # DEFAULT Hint = "CSLIP" Framed-Protocol = SLIP, Framed-Compression = Van-Jacobson-TCP-IP
# # Default for SLIP: dynamic IP address, SLIP mode. # DEFAULT Hint = "SLIP" Framed-Protocol = SLIP
-- Jarred F. Cleem IS Manager Multiband 2000 44th Street SW Fargo, ND 58103 (W) 701-281-5376 (F)701-492-5376
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf