I don't know how those equipments are configured, but can you configure
them to send some special attribute to radius?
If your DSL device sends something like "Connect-Info == DSL", so you
can put Connect-Info == DSL to the users in DSL group in radgroupcheck
table.
Have I made myself clear? The idea is making radius to check if the user
that is in group dsl (or dial-up, or vpn) has the attribute relative to
his group.
Best regards, Leandro.
Robert Hass escreveu:
Hi
My current network is running DSL services (PPPoE), Dial-Up services
and VPN services. All NAS devices are Cisco - 7206VXR BRAS for DSL,
AS5300 for Dial-Up and Cisco PIX520 for VPN (EasyVPN). Currently all
those NASes uses one common FreeRadius (all data is in MySQL).
The problem is that DSL user can configure their PPPoE connection as
username from Dial-Up user (eg. ppp/ppp) and there will be no
rate-limit on his connection (VirtualAccess interface). Silimar problem
with VPNs - sometimes we have duplicated login names...
Is any way to resolv this issue other than installing 3 FreeRadiuses
using different MySQL databases, and different TCP/UDP ports ?
I was wondering about class in MySQL database, eg.
class = 0 Dialup
class = 1 DSL
class = 2 VPN
class = ... ...
And and 'class' varible into USERS and NAS tables. I'm looking for
ready solution for above described problem.
Robert Hass
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
Leandro Pereira de Lima e Silva
http://www.vialink.com.br/
"A verdadeira medida do caráter de um homem é o que ele faria se soubesse que nunca
seria descoberto." -- Thomas B. Macaulay
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html