On Fri, 10 Dec 1999 00:13:35 +1100, Tony Frank (EPA) wrote:
>Hi everyone,
>
>I am having trouble when using my Tigris NAS and the Radiator RADIUS server.
>
>The problem is (I believe) with the Tigris, but I'm wondering if there are
>any suggestions based on my RADIUS config to see if I could be doing
>something wrong here.
>(Anyone with experience using the Tigris and Radiator can jump in here)
>
>My radius.cfg:
>
<<snipped>>
>And the 'defuser' file contains the following:
>
>DEFAULT
> Framed-Protocol = PPP,
> Framed-IP-Netmask = 255.255.255.0,
> Framed-Routing = None,
> Framed-MTU = 1500,
> Service-Type = Framed-User
>
>The issue is that what I am trying to achieve is RADIUS authentication, with
>no username and password required.
>
>In my situation, we have only GSM mobile incoming calls, and we are very
>happy to use the existing user authentication performed by the mobile
>network (ie, your number is unique to you, and if you lose it you are going
>to have your SIM etc cancelled anyway)
fine, doesn't only apply to gsm either !
>As such, we want to setup the PPP sessions etc with as little requirements
>as possible. Essentially, if the person's number (Calling-Station-ID)
>appears in the user database and is active, we want to let them setup a
>session and give them an IP address without the user needing to go through
>any additional authentication stages.
>
>>From my brief research, it seems that this is not an overly common way to do
>things, and as such it is very difficult to find any information on other
>people's attempts etc.
>
>In order to do this, we are presently trying to use the Tigris VPSM
>functionality, which generates an Access-Request similar to the following
>when it detects an incoming call:
>
>Attributes:
> User-Name = "<called number>"
> User-Password = "<calling number encrypted with secret>"
> NAS-Port = 71
> NAS-Port-Type = ISDN
> Acc-Request-Type = Ring-Indication
> Called-Station-Id = "xxxxxxxxx"
> Calling-Station-Id = "0414576342"
> NAS-IP-Address = 10.28.30.15
>
we had this problem, when changing over from Ascend to Tigris ....
solution is multiple Defaults and verification based on
calling-station-id.
problem is thou, you end up with a heap of funny user names (whatever
they have set) and passwords lying around.
the problem is actually on the tigris, not radius if you want to use
not use the VPSM setting.
I did have this as a feedback item with the erricsson, obviously it
hasn't been dealt with :-(
Gary
-------------------------------
Ausmail
Your virtual home on the net.
Email, News & Home pages.
-------------------------------
Coming soon !!
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
