You need an address in the RAS to act as a gateway...
You can configure any pool in whatever RAS but for example if the RAS is
a cisco you will need to do something like:
interface eth0 ip add xxx.xxx.xxx.1 secondary
interface eth0 ip add yyy.yyy.yyy.1 secondary
..
...
and now you can assign address within the blocks xxx.xxx.xxx.xxx and
yyy.yyy.yyy.yyy
The thing is you need to RAS as gateway for the dialin users
On Wed, 2003-10-29 at 20:14, Alexander Lunyov wrote:
Hello Gustavo,
Wednesday, October 29, 2003, 8:42:51 AM, you wrote:
GAL Sure you can.
GAL But if you do that you cant get routed to any place.
GAL You need a gateway address within the same logical network.
What do you mean? NAS in the same logical network or radius server in the
same logical network?
For example, i want this ippool working with NAS.
ippool main_pool {
range-start = 192.168.253.1
range-stop = 192.168.253.254
netmask = 255.255.0.0
cache-size = 800
session-db = ${raddbdir}/db.ippool
ip-index = ${raddbdir}/db.ipindex
override = no
}
NAS is a FreeBSD box with 3 multiport cards and 2 network
interfaces. First iface is 192.168.33.127/24, second is
x.x.x.2/24 ('white' network). So when authentification of ppp session is done
and
it's time to receive IP address for this session, radiusd cannot
find range for this NAS. It says
rad_recv: Access-Request packet from host x.x.x.2:2740, id=239, length=105
Thread 1 assigned request 0
--- Walking the entire request list ---
Threads: total/active/spare threads = 5/1/4
Waking up in 5 seconds...
Thread 1 handling request 0, (1 handled so far)
User-Name = lan
Service-Type = Framed-User
Framed-Protocol = PPP
CHAP-Password = 0x0176a7169a89a0a8s8aa34a03e630f1ead
CHAP-Challenge = 0x38328232349865433746313036313635
NAS-Identifier = zeus.domain.ru
NAS-Port-Type = Ethernet
NAS-Port = 61
[authentification and other skip]
rlm_ippool: Searching for an entry for nas/port: zeus.domain.ru/61
modcall[post-auth]: module main_pool returns noop for request 0
modcall: group post-auth returns noop for request 0
Sending Access-Accept of id 239 to x.x.x.2:2740
Framed-Compression = Van-Jacobson-TCP-IP
Idle-Timeout = 10
Framed-MTU = 576
Framed-IP-Address = 255.255.255.254
Framed-Protocol = PPP
Service-Type = Framed-User
Finished request 0
What should i do? Is there any 'magic word'? :)
GAL On Wed, 2003-10-29 at 19:29, Alexander Lunyov wrote:
Hello freeradius-users,
Is there a possibility to pool range of IP addresses for NAS
while NAS is not in that range? For example, if i try to pool
192.168.253.0/24 network for NAS with address 192.168.3.3 - it
says that nas/port not found for that NAS address (192.168.3.3).
is it possible to assign to NAS client IP address not from NAS
network?
GAL -
GAL List info/subscribe/unsubscribe? See
GAL http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html