Thanks Ivan, I will give that a try. Thanks for all your help.
Adrian -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ivan Kalik Sent: Tuesday, February 26, 2008 2:37 PM To: FreeRadius users mailing list Subject: RE: NAS-Group? - different replies to different NASes? > >A: I have a set of "master" tunnel attributes that I always have to send to >this Telco. >i.e. Service-type, Tunnel-Type, Tunnel-Preference, Tunnel-password, >Tunnel-Server-Endpoint..etc >The way this Telco obtains these attributes is by sending the >Username/Password combination my way. (i.e. I need to authenticate >[EMAIL PROTECTED]). Once I see that user come through from their boxes (3 >Static IPs) I have to send back to them the tunnel attributes above. Once >the tunnel attributes were sent, they establish an L2TP tunnel to my LNS and >my LNS now asks my Radius server again to authenticate the user. So I see >the same [EMAIL PROTECTED] requesting to be authenticated. Since I >currently cannot distinguish between NASes I am sending the same Tunnel >Attributes to my LNS which causes my LNS to try to initiate a tunnel back to >itself (because the Tunnel-Server-Endpoint attribute is the actual LNS). >++++++++++++++++++++++++++++++++++++++ > This is very strange. That information should be on telco radius server, not yours. It should not have to proxy requests to you. They ought to know the tunnel endpoint - *they* gave you the IP to set on your router when they leased you the line. Simplest thing to do is to create a huntgroup caled LAC and place those static IPs there. Then put something like this i your users file: DEFAULT Huntgroup-Name == "LAC", Auth-Type := Accept Reply-Message = "You are one strange telco", and list other reply attributes that you need to send them. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html