Hi all We are proxying a realm for a customer that takes ADSL
connections from us. Our ADSL connections terminate on a Cisco 7204 over an L2TP
tunnel. The proxying seems to be working fine as all requests for
the realm are sent to the customers radius server. And our log files show that the authentication was “OK”. However the users that are authenticating are being dropped
offline as soon as they authenticate. The account logs show the reason as being “User-Request”
although the user hasn’t requested a disconnect, in fact they aren’t
connected long enough to do so. The customer is also sending a framed IP address for each
user that connects via the users radius users file entry. I’m wondering if this has something to do with the
problem, although I can’t really see why. The customer is issuing IP addresses from our own RIPE
allocation that the Cisco knows about and we announce via BGP to upstreams. I’m trying to get some radius and cisco debugging for
these users, but unfortunately everyone has buggered off home and most of the
users are offices. So I guess I’m just wondering if there are any gotchas
with radius proxying and injecting IP addresses that anyone may have come
across. Or does anyone have any ideas what I should be looking for
to help fix the problem? Thanks In Advance John |
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html