On 16/02/2012 00:15, Richard J Palmer wrote:
On 15/02/2012 11:52 PM, Alan Buxey wrote:
This can be done for plain auth...one way would be to put a check in
the auth section, if the normal auth has failed then fail through to
eg perl and have some perl script that checks what you want to check
and send back the accept
Not 100% sure what you mean by plain auth ?
ADSL L2TP is chap and works OK
What I want is for the non ADSL tails (the Data SIMS) the username and
password are not any use - I want to auth on the caller ID and no
password - the auth is easy - I can set the query to return if the
username matches or the caller ID matches BUT I then need to ignore
the password, etc.
I made some changes in rlm_chap to handle this if I put a flag in the
password BUT there must be a way to do this without editing the code
(IMO)
Could you perhaps do a check for callerid pattern and use that as the
lookup key by rewriting the attribute in the request? Not sure if it's
possible to rewrite the username, but changing the password to a defined
value such as "password" should work I think? Would satisfy the CHAP
request anyway... Unless it's possible to have radius ignore the
password with an Auth-Type response
Not got a spare sim to test with at the mo, can't see why it isn't
doable though
Thanks,
J
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html