Hello Chairath -
You should probably add a Handler for that NAS specifically and then add the AuthBy DYNADDRESS only for that NAS. # Handler for NAS <Handler Client-Id = ....> AuthByPolicy ContinueWhileAccept # authentication AuthBy ...... # address allocation AuthBy ...... </Handler> regards Hugh On Wed, 26 Dec 2001 15:22, Chairath K wrote: > Hello Hugh, > > Our system will connect a new NAS , but this NAS is not smart enough to > choose IP Address from correct IP Pool by looking at "realm". As a result, > we will decide to config Radiator to handle it . > > Well , I try to look at section 6.46 in Raidator 2.18.2 reference manual, > but I can't find the way to use "AddreeAllocator SQL" and "Authby > DYNADDRESS" with our "AuthBy RADMIN" clause in config file > > So how can I config radiator to handdle IP Pool like these > > user@test1 will get ip pool1 > user@test2 will get ip pool2 > > Pool1 > subnetmask 255.255.255.0 > Range 192.1.1.1 192.1.1.50 > Range 192.1.1.60 192.1.1.120 > > Pool2 > subnetmask 255.255.255.127 > Range 192.2.2.62 192.2.2.99 > > Regards, > Chairath > > P.S. Our system is running with Radiator 2.18 and Radmin 1.4 > > > Foreground > LogStdout > LogDir d:/Radiator-2.18/log > DbDir d:/Radiator-2.18 > LogFile %L/logfile-%d-%m-%Y > > # Dont turn this up too high, since all log messages are logged > # to the RADMESSAGES table in the database. 3 will give you everything > # except debugging messages > Trace 4 > > > # PreClientHook to add NAS-Port attribute > PreClientHook file:"%D/addNASPort" > > # You will probably want to change this to suit your site. > # You should list all the clients you have, and their secrets > # If you are using the Radmin Clients table, you wil probably > # want to disable this. > #<Client DEFAULT> > # Secret mysecret > # DupInterval 0 > #</Client> > > # You can put additonal (or all) client details in your Radmin > # database table > # and get their details from there with something like this: > # You can then use the Radmin 'Add Radius Client' to add new clients. > <ClientListSQL> > DBSource dbi:ODBC:Radmin > DBUsername xxx > DBAuth xxx > </ClientListSQL> > > #<AuthBy RADIUS> > # Identifier ProxyTofunk > # Host 10.2.0.6 > # Secret test > #</AuthBy> > > #<Realm funk> > # strip Realm > # RewriteUsername s/^([^@]+).*/$1/ > # AuthBy ProxyTofunk > #</Realm> > > <AuthBy RADMIN> > Identifier RADMINAUTH > # Change DBSource, DBUsername, DBAuth for your database > # See the reference manual. You will also have to > # change the one in <SessionDatabse SQL> below > # so its the same > DBSource dbi:ODBC:Radmin > DBUsername xxx > DBAuth xxx > DateFormat %e %m %Y %T > > #AuthSelect select PASS_WORD,STATICADDRESS,TIMELEFT,MAXLOGINS from > RADUSERS where USERNAME='%n' and BADLOGINS < 10 and VALIDFROM < %t and > VALIDTO > %t > > # You can add to or change these if you want, but you > # will probably want to change the database schema first > AccountingTable RADUSAGE > AcctColumnDef USERNAME,User-Name > AcctColumnDef TIME_STAMP,Timestamp,integer > AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type,integer > AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer > AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer > AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer > AcctColumnDef ACCTSESSIONID,Acct-Session-Id > AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer > AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer > AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address > AcctColumnDef NASIDENTIFIER,NAS-Identifier > AcctColumnDef NASIDENTIFIER,NAS-IP-Address > AcctColumnDef NASPORT,NAS-Port,integer > AcctColumnDef DNIS,Called-Station-Id > AcctColumnDef DATE,Timestamp,integer-date > # This updates the time and octets left > # for this user > AcctSQLStatement update RADUSERS set > TIMELEFT=TIMELEFT-0%{Acct-Session-Time}, > OCTETSINLEFT=OCTETSINLEFT-0%{Acct-Input-Octets}, > OCTETSOUTLEFT=OCTETSOUTLEFT-0%{Acct-Output-Octets} where USERNAME='%n' > > </AuthBy> > > <AuthBy GROUP> > Identifier WithIdleTimeout > AuthBy RADMINAUTH > # These are the classic things to add to each users > # reply to allow a PPP dialup session. It may be > # different for your NAS. This will add some > # reply items to everyone's reply > AddToReply Framed-Protocol = PPP,\ > Service-Type = Framed-User,\ > Framed-IP-Netmask = 255.255.255.255,\ > Framed-Routing = None,\ > Framed-MTU = 1500,\ > Framed-Compression = Van-Jacobson-TCP-IP,\ > Idle-Timeout = 600,\ > Class = %{NAS-Port} > </AuthBy> > > <AuthBy GROUP> > Identifier WithOutIdleTimeout > AuthBy RADMINAUTH > # These are the classic things to add to each users > # reply to allow a PPP dialup session. It may be > # different for your NAS. This will add some > # reply items to everyone's reply > AddToReply Framed-Protocol = PPP,\ > Service-Type = Framed-User,\ > Framed-IP-Netmask = 255.255.255.255,\ > Framed-Routing = None,\ > Framed-MTU = 1500,\ > Framed-Compression = Van-Jacobson-TCP-IP,\ > Class = %{NAS-Port} > </AuthBy> > > <AuthBy FILE> > Identifier TimeZone > Filename %D/adsl.users > </AuthBy> > > <Handler Request-Type=Accounting-Request> > AuthBy RADMINAUTH > </Handler> > > <Handler Realm=hz.qnet> > AuthBy TimeZone > </Handler> > > <Handler Realm=qnetcorp> > AuthBy WithOutIdleTimeout > </Handler> > > <Handler Realm=qnetoffice> > AuthBy WithOutIdleTimeout > </Handler> > > <Handler Realm=o64.qnet> > AuthBy WithOutIdleTimeout > </Handler> > > <Handler Realm=o128.qnet> > AuthBy WithOutIdleTimeout > </Handler> > > <Handler Realm=o256.qnet> > AuthBy WithOutIdleTimeout > </Handler> > > <Handler Realm=o512.qnet> > AuthBy WithOutIdleTimeout > </Handler> > > <Handler> > AuthBy WithIdleTimeout > </Handler> > > > # Handle User with NO Realm with RADMIN > #<Realm> > # AuthBy RADMINAUTH > #</Realm> > > # Handle everyone with RADMIN > #<Realm DEFAULT> > # AuthBy RADMINAUTH > #</Realm> > > <SessionDatabase SQL> > # This database spec usually should be exactly the same > # as in <AuthBy RADMIN> above > DBSource dbi:ODBC:Radmin > DBUsername radmin > DBAuth radminpw > ClearNasQuery > </SessionDatabase> -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.