> Putting a User into a certain VRF is quite simple:
>
> vrfuser User-Password == "topsecret"
> Cisco-AVPair += "lcp:interface-config#1=ip vrf forwarding \
> VRFNAME",
Thank you Gerald, this is what I need to do.
I tried using this method, but I end up with access-accept reply (from radiusd
-X) like this:
Sending Access-Accept of id 20 to x.y.159.252 port 1645
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-IP-Netmask = 255.255.255.255
Ascend-Client-Primary-DNS = x.y.z.1
Ascend-Client-Secondary-DNS = x.y.z.2
Session-Timeout = 20000
Cisco-AVPair = "lcp:interface-config#1=ip vrf forwarding Satcom"
Framed-IP-Address = x.y.129.239
This seems correct to me, but the NAS ignores the Framed-IP-Address so the cpe
never gets an Ip address.
The IP address is taken from an ippool, the other attributes are stored in sql,
everything works fine without that cisco-avpair attribute.
Any hint?
Thanks in advance,
Francesco.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
