Re[2]: ippool issue

2003-10-29 Thread Alexander Lunyov 
Hello Gustavo,

Wednesday, October 29, 2003, 8:42:51 AM, you wrote:



GAL Sure you can.
GAL But if you do that you cant get routed to any place.

GAL You need a gateway address within the same logical network.

 What do you mean? NAS in the same logical network or radius server in the
 same logical network?

 For example, i want this ippool working with NAS.

ippool main_pool {
range-start = 192.168.253.1
range-stop = 192.168.253.254
netmask = 255.255.0.0
cache-size = 800
session-db = ${raddbdir}/db.ippool
ip-index = ${raddbdir}/db.ipindex
override = no
} 

 NAS is a FreeBSD box with 3 multiport cards and 2 network
 interfaces. First iface is 192.168.33.127/24, second is
 x.x.x.2/24 ('white' network). So when authentification of ppp session is done and
 it's time to receive IP address for this session, radiusd cannot
 find range for this NAS. It says

rad_recv: Access-Request packet from host x.x.x.2:2740, id=239, length=105
Thread 1 assigned request 0
--- Walking the entire request list ---
Threads: total/active/spare threads = 5/1/4
Waking up in 5 seconds...
Thread 1 handling request 0, (1 handled so far)
User-Name = lan
Service-Type = Framed-User
Framed-Protocol = PPP
CHAP-Password = 0x0176a7169a89a0a8s8aa34a03e630f1ead
CHAP-Challenge = 0x38328232349865433746313036313635
NAS-Identifier = zeus.domain.ru
NAS-Port-Type = Ethernet
NAS-Port = 61

[authentification and other skip]

rlm_ippool: Searching for an entry for nas/port: zeus.domain.ru/61
  modcall[post-auth]: module main_pool returns noop for request 0
modcall: group post-auth returns noop for request 0
Sending Access-Accept of id 239 to x.x.x.2:2740
Framed-Compression = Van-Jacobson-TCP-IP
Idle-Timeout = 10
Framed-MTU = 576
Framed-IP-Address = 255.255.255.254
Framed-Protocol = PPP
Service-Type = Framed-User
Finished request 0

  What should i do? Is there any 'magic word'? :)



GAL On Wed, 2003-10-29 at 19:29, Alexander Lunyov wrote:
 Hello freeradius-users,
 
   Is there a possibility to pool range of IP addresses for NAS
   while NAS is not in that range? For example, if i try to pool
   192.168.253.0/24 network for NAS with address 192.168.3.3 - it
   says that nas/port not found for that NAS address (192.168.3.3).
   is it possible to assign to NAS client IP address not from NAS
   network?


GAL - 
GAL List info/subscribe/unsubscribe? See
GAL http://www.freeradius.org/list/users.html



-- 
Best regards,
 Alexandermailto:[EMAIL PROTECTED]


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Re[2]: ippool issue

2003-10-29 Thread Gustavo A. Lozano 
You need an address in the RAS to act as a gateway...

You can configure any pool in whatever RAS but for example if the RAS is
a cisco you will need to do something like:

interface eth0 ip add xxx.xxx.xxx.1 secondary
interface eth0 ip add yyy.yyy.yyy.1 secondary 
..
...


and now you can assign address within the blocks xxx.xxx.xxx.xxx and
yyy.yyy.yyy.yyy

The thing is you need to RAS as gateway for the  dialin users

On Wed, 2003-10-29 at 20:14, Alexander Lunyov wrote:
 Hello Gustavo,
 
 Wednesday, October 29, 2003, 8:42:51 AM, you wrote:
 
 
 
 GAL Sure you can.
 GAL But if you do that you cant get routed to any place.
 
 GAL You need a gateway address within the same logical network.
 
  What do you mean? NAS in the same logical network or radius server in the
  same logical network?
 
  For example, i want this ippool working with NAS.
 
 ippool main_pool {
 range-start = 192.168.253.1
 range-stop = 192.168.253.254
 netmask = 255.255.0.0
 cache-size = 800
 session-db = ${raddbdir}/db.ippool
 ip-index = ${raddbdir}/db.ipindex
 override = no
 } 
 
  NAS is a FreeBSD box with 3 multiport cards and 2 network
  interfaces. First iface is 192.168.33.127/24, second is
  x.x.x.2/24 ('white' network). So when authentification of ppp session is done 
 and
  it's time to receive IP address for this session, radiusd cannot
  find range for this NAS. It says
 
 rad_recv: Access-Request packet from host x.x.x.2:2740, id=239, length=105
 Thread 1 assigned request 0
 --- Walking the entire request list ---
 Threads: total/active/spare threads = 5/1/4
 Waking up in 5 seconds...
 Thread 1 handling request 0, (1 handled so far)
 User-Name = lan
 Service-Type = Framed-User
 Framed-Protocol = PPP
 CHAP-Password = 0x0176a7169a89a0a8s8aa34a03e630f1ead
 CHAP-Challenge = 0x38328232349865433746313036313635
 NAS-Identifier = zeus.domain.ru
 NAS-Port-Type = Ethernet
 NAS-Port = 61
 
 [authentification and other skip]
 
 rlm_ippool: Searching for an entry for nas/port: zeus.domain.ru/61
   modcall[post-auth]: module main_pool returns noop for request 0
 modcall: group post-auth returns noop for request 0
 Sending Access-Accept of id 239 to x.x.x.2:2740
 Framed-Compression = Van-Jacobson-TCP-IP
 Idle-Timeout = 10
 Framed-MTU = 576
 Framed-IP-Address = 255.255.255.254
 Framed-Protocol = PPP
 Service-Type = Framed-User
 Finished request 0
 
   What should i do? Is there any 'magic word'? :)
 
 
 
 GAL On Wed, 2003-10-29 at 19:29, Alexander Lunyov wrote:
  Hello freeradius-users,
  
Is there a possibility to pool range of IP addresses for NAS
while NAS is not in that range? For example, if i try to pool
192.168.253.0/24 network for NAS with address 192.168.3.3 - it
says that nas/port not found for that NAS address (192.168.3.3).
is it possible to assign to NAS client IP address not from NAS
network?
 
 
 GAL - 
 GAL List info/subscribe/unsubscribe? See
 GAL http://www.freeradius.org/list/users.html
 
 


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html