Re: post-proxy ip address assignment
On Wed, May 1, 2013 at 1:22 PM, a.l.m.bu...@lboro.ac.uk wrote: Hi, sorry alan, perhaps I'm mixing up my examples in an attempt to get this working... run your freeradius is full debug mode. LOOK at what is going on 1. where (or in which file) do I add the unlang code? as you have I have made the changes in the file proxy-inner-tunnel -- i'm not sure if this is where i'm supposed to be adding the change. 2. how do i update the reply? by updating the reply I currently have the following code in my proxy-inner-tunnel file :- post-proxy { eap if (proxy-reply:Access-Accept) { update proxy-reply { Framed-IP-Address := %{sql:SELECT Value FROM `radreply` WHERE UserName ='%{User-Name}' AND Attribute = 'Framed-IP-Address'} } thats not updating the reply is it. thats updating the proxy-reply. I changed the proxy-inner-tunnel file with the following :- post-proxy { # # This is necessary for LEAP, or if you set: # # proxy_tunneled_request_as_eap = no # eap if (proxy-reply:Acct-Interim-Interval = 900) { update reply { Framed-IP-Address := %{sql:SELECT Value FROM `radreply` WHERE UserName ='%{User-Name}' AND Attribute = 'Framed-IP-Address'} } } I am not sure what I should be using for the IF statement as the reply coming back from the upstream proxy looks like this :- rad_recv: Access-Accept packet from host 168.172.64.224 port 1812, id=61, length=125 Proxy-State = 0x313634 Acct-Interim-Interval = 900 Class = 0xc24109ed013700010200a8ac40e040e0a8ac40e001ce46617c0576422fcb MS-Link-Utilization-Threshold = 50 MS-Link-Drop-Time-Limit = 120 MS-MPPE-Encryption-Policy = 0x0002 MS-MPPE-Encryption-Types = 0x000e There is no IP Address in the reply, and I need to insert it at this stage before sending it back to the 3g carrier radius server. alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
post-proxy ip address assignment
hi guys i am having a hard time getting a post-proxy setup going. we have a freeradius 2.1.8 server setup for a specific realm. authentication requests are coming from a upstream provider (3g carrier) onto our radius server. our radius server sends the authentication request to another radius server (windows platform) that authenticates the user against active directory. we receive the response, either accepted or denied. if the response is 'user accepted', we must then do a mysql query to find the ip address for the relevant user from our freeradius server and ammend the ip address to the radius response back to the 3g carrier's radius server. the authentication part is working perfectly between our radius server and the microsoft radius server as we are either getting a positive or negative reponse from the microsoft radius server. Sending Access-Request of id 213 to x.x.x.x port 1812 User-Name = jaco...@tut.ac.za User-Password = Tut123 NAS-IP-Address = 127.0.1.1 NAS-Port = 8585 rad_recv: Access-Accept packet from host x.x.x.x port 1812, id=213, length=20 at this point, we need the ip address lookup to be done on the mysql server running on our freeradius server and insert the relevant information into the proxy reply back to the carrier. as far as i have been able to read up, this should be done in the post-proxy configuration using unlang at this post [ http://lists.freeradius.org/pipermail/freeradius-users/2008-May/027960.html] but I am not able to get this to work with the code as seen on the post mentioned. * post-proxy {** ...** if (proxy-reply:Framed-IP-Address) {** update proxy-reply {** Framed-IP-Address := 1.2.3.4** ...** }** }** }* Any pointers will be appreciated. Regards, Gabriel - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: post-proxy ip address assignment
Hi, if you look at freeradius running in debug mode, you can see what bits of the server are being hit and where you can do the required changes. so post-proxy would be okay - but you update the reply alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: post-proxy ip address assignment
On Wed, May 1, 2013 at 11:15 AM, a.l.m.bu...@lboro.ac.uk wrote: Hi, if you look at freeradius running in debug mode, you can see what bits of the server are being hit and where you can do the required changes. so post-proxy would be okay - but you update the reply when running in debug mode, I can see this part id being hit :- [attr_filter.post-proxy]expand: %{Realm} - tut.ac.za attr_filter: Matched entry tut.ac.za at line 115 ++[attr_filter.post-proxy] returns updated this is where i have the realm setup in the attrs file. in this section, just as a test, I have the following :- tut.ac.za Acct-Interim-Interval = 1200, To (hopefully) explicitly set the Acct-Interim-Interval but it doesn't look like it is being set when testing with radtest. not sure if i understand this correctly? regards, g alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: post-proxy ip address assignment
Hi, why are you now talkign about users file? use unlang - as you originally stated and then update the reply alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: post-proxy ip address assignment
sorry alan, perhaps I'm mixing up my examples in an attempt to get this working... 1. where (or in which file) do I add the unlang code? 2. how do i update the reply? I currently have the following code in my proxy-inner-tunnel file :- post-proxy { eap if (proxy-reply:Access-Accept) { update proxy-reply { Framed-IP-Address := %{sql:SELECT Value FROM `radreply` WHERE UserName ='%{User-Name}' AND Attribute = 'Framed-IP-Address'} } } when i start freeradius -X i don't get any errors. the microsoft radius box is down at the moment on the other side so I can't test any further at the moment but will get back as soon as the server is up again. tx, g On Wed, May 1, 2013 at 12:16 PM, a.l.m.bu...@lboro.ac.uk wrote: Hi, why are you now talkign about users file? use unlang - as you originally stated and then update the reply alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: post-proxy ip address assignment
Hi, sorry alan, perhaps I'm mixing up my examples in an attempt to get this working... run your freeradius is full debug mode. LOOK at what is going on 1. where (or in which file) do I add the unlang code? as you have 2. how do i update the reply? by updating the reply I currently have the following code in my proxy-inner-tunnel file :- post-proxy { eap if (proxy-reply:Access-Accept) { update proxy-reply { Framed-IP-Address := %{sql:SELECT Value FROM `radreply` WHERE UserName ='%{User-Name}' AND Attribute = 'Framed-IP-Address'} } thats not updating the reply is it. thats updating the proxy-reply. alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Automatic ppp ip address assignment
Dear All FreeRadius 2.1 users, I can run successfully with pptpd and freeradius 2.1 authentication very well. I need to assign ip address to each pptp user manually. However, I can't set up mysql ip pool for pptp user. I have tried this way: http://wiki.freeradius.org/Rlm_sqlippool but it doesn't work. ppp user cannot get ip address automatically. I also comment out main_pool inside the /site-available/default file. This doesn't work neither. I have also tried any possible combinations of other settings but they don't work. Any user would like to post the main setting of a successful automatic ppp ip address assignment through mysql ip pool? Your help is highly appreciated. Your Faithfully, Timmy - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Automatic ppp ip address assignment
Timmy wrote: However, I can't set up mysql ip pool for pptp user. I have tried this way: http://wiki.freeradius.org/Rlm_sqlippool but it doesn't work. See the FAQ for it doesn't work ppp user cannot get ip address automatically. I also comment out main_pool inside the /site-available/default file. This doesn't work neither. I have also tried any possible combinations of other settings but they don't work. i.e. you tried a bunch of random things. That isn't useful. Any user would like to post the main setting of a successful automatic ppp ip address assignment through mysql ip pool? It works if you configure it correctly. So... what did you do? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Automatic ppp ip address assignment
Any user would like to post the main setting of a successful automatic ppp ip address assignment through mysql ip pool? It works if you configure it correctly. So... what did you do? Alan DeKok. Hi Alan, I mainly followed the book Freeradius Beginner's Guide. I can set up most thing to run freeradius with mysql managing, except the mysql ip pool control. I started with Ubuntu 10.04 x64 with its freeradius 2 and mysql packages. This runs very well. To make mysql ip pool works, I only change very basic things: Edit: /etc/freeradius/radiusd.conf Uncomment: $INCLUDE sqlippool.conf Edit sqlippool.conf #$INCLUDE sql/postgresql/ippool.conf $INCLUDE sql/mysql/ippool.conf Add in /etc/freeradius/users: DEFAULT Pool-Name := main_pool Fall-Through = Yes In radius db: INSERT INTO radippool (pool_name, framedipaddress) VALUES ('main_pool', '192.168.2.1'); Edit: /etc/freeradius/sites-available/default accounting { main_pool sqlippool } post-auth { mani_pool sqlippool } Also, in the /modules/ippool file, I keep the ippool main_pool definition uncommented as it is in this package default. The result: freeradius does not assing IP. How do you think, Alan? Which one or both of these to keep in /etc/freeradius/sites-available/default ? main_pool sqlippool - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Automatic ppp ip address assignment
Timmy wrote: The result: freeradius does not assing IP. How do you think, Alan? I think you haven't bothered to read the debug output. This is in the FAQ, README, main web page, and daily on this list. Why not look at the debug output. Just... why? Which one or both of these to keep in /etc/freeradius/sites-available/default ? main_pool sqlippool It depends on what you want. Configuring FreeRADIUS is *not* about making random changes. It's about understanding what you're doing. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: IP address assignment for the authenticated users in Free radius
Anoop C wrote: Hi We are running EAP-TLS authentication for office users using WiFi network. This is a certificate based authentication and we are using Free RADIUS. I would like to know whether we can assign IP address dynamically to the users through FREE RADIUS server ie RADIUS server works as DHCP server. For WiFi authentication, you need a DHCP server. Sending IP addresses to the NAS in a RADIUS packet won't work. So after successful authentication Server should through an IP address which is configured against that particular MAC of the user in the server. No. You need a DHCP server. You can configure FreeRADIUS to be a DHCP server, but that involves creating a DHCP configuration, not a RADIUS configuration. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: IP address assignment for the authenticated users in Free
Alan Thanks for the quick reply. I would like to have one more clarification. Can we use IP addrss as Attribute value pair so that the RADIUS server throws IPs dynamically to users after authentication. Regards Anoop Anoop C wrote: Hi We are running EAP-TLS authentication for office users using WiFi network. This is a certificate based authentication and we are using Free RADIUS. I would like to know whether we can assign IP address dynamically to the users through FREE RADIUS server ie RADIUS server works as DHCP server. For WiFi authentication, you need a DHCP server. Sending IP addresses to the NAS in a RADIUS packet won't work. So after successful authentication Server should through an IP address which is configured against that particular MAC of the user in the server. No. You need a DHCP server. You can configure FreeRADIUS to be a DHCP server, but that involves creating a DHCP configuration, not a RADIUS configuration. Alan DeKok. Get your world in your inbox! Mail, widgets, documents, spreadsheets, organizer and much more with your Sifymail WIYI id! Log on to http://www.sify.com ** DISCLAIMER ** Information contained and transmitted by this E-MAIL is proprietary to Sify Limited and is intended for use only by the individual or entity to which it is addressed, and may contain information that is privileged, confidential or exempt from disclosure under applicable law. If this is a forwarded message, the content of this E-MAIL may not have been sent with the authority of the Company. If you are not the intended recipient, an agent of the intended recipient or a person responsible for delivering the information to the named recipient, you are notified that any use, distribution, transmission, printing, copying or dissemination of this information in any way or in any manner is strictly prohibited. If you have received this communication in error, please delete this mail notify us immediately at ad...@sifycorp.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: IP address assignment for the authenticated users in Free
Alan Thanks for the quick reply. I would like to have one more clarification. Can we use IP addrss as Attribute value pair so that the RADIUS server throws IPs dynamically to users after authentication. Did you actually read the reply? For WiFi authentication, you need a DHCP server. Sending IP addresses to the NAS in a RADIUS packet won't work. You can configure FreeRADIUS to be a DHCP server, but that involves creating a DHCP configuration, not a RADIUS configuration. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Re: IP address assignment for the authenticated users in Free
Just because RADIUS has an attribute defined, doesn't mean the NAS supports it for your use. In general, the IP address assignment attributes are intended for use with NAS's that are point-to-point access routers where the address will be for an "unnumbered" connection, where the link level understands such an assignment. 802.11 Wifi Access Points don't do this. There is no link level mechanism for it. You must use DHCP or static assignments. Dave.Oct 20, 2009 05:48:34 AM, t...@kalik.net wrote: Alan Thanks for the quick reply. I would like to have one more clarification. Can we use IP addrss as Attribute value pair so that the RADIUS server throws IPs dynamically to users after authentication.Did you actually read the reply? For WiFi authentication, you need a DHCP server. Sending IP addresses to the NAS in a RADIUS packet won't work. You can configure FreeRADIUS to be a DHCP server, but that involves creating a DHCP configuration, not a RADIUS configuration.Ivan KalikKalik Informatika ISP-List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
IP address assignment for the authenticated users in Free radius
Hi We are running EAP-TLS authentication for office users using WiFi network. This is a certificate based authentication and we are using Free RADIUS. I would like to know whether we can assign IP address dynamically to the users through FREE RADIUS server ie RADIUS server works as DHCP server. So after successful authentication Server should through an IP address which is configured against that particular MAC of the user in the server. Regards Anoop C Get your world in your inbox! Mail, widgets, documents, spreadsheets, organizer and much more with your Sifymail WIYI id! Log on to http://www.sify.com ** DISCLAIMER ** Information contained and transmitted by this E-MAIL is proprietary to Sify Limited and is intended for use only by the individual or entity to which it is addressed, and may contain information that is privileged, confidential or exempt from disclosure under applicable law. If this is a forwarded message, the content of this E-MAIL may not have been sent with the authority of the Company. If you are not the intended recipient, an agent of the intended recipient or a person responsible for delivering the information to the named recipient, you are notified that any use, distribution, transmission, printing, copying or dissemination of this information in any way or in any manner is strictly prohibited. If you have received this communication in error, please delete this mail notify us immediately at ad...@sifycorp.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
IP address assignment (rlm_ippool)
I want freeRADIUS to assign IP address to authenticated users, so Ive done thefollowing configuration ippool main_pool { # range-start,range-stop: The start and end ip # addresses for the ip pool range-start = 81.174.17.35 range-stop = 81.174.17.63 .. .. # session-db: The main db file used to allocate ip's to clients session-db = ${raddbdir}/db.ippool # ip-index: Helper db index file used in multilink ip-index = ${raddbdir}/db.ipindex .. } Once started, I get back an error from radiusd : rlm_ippool: Failed to open file /etc/raddb/db.ippool: Permission denied radiusd.conf[1468]: main_pool: Module instantiation failed. It seems that the problem is due lack of db.ippool file. Ive tried to create it manually, but nothing changed. Is there a way to generate db.ippool file so rlm_ippool can work properly? Thank you in advance, Best Regards, Carlo - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: IP address assignment (rlm_ippool)
Carlo Prestopino [EMAIL PROTECTED] wrote: Once started, I get back an error from radiusd : rlm_ippool: Failed to open file /etc/raddb/db.ippool: Permission denied Try setting the file permissions so that the radius server has read/write access. It seems that the problem is due lack of db.ippool file. No. The error is permissions denied, not does not exist. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
IP-Address assignment - NAS Pool if value is empty in LDAP
I am running freeradius-1.0.2-5.5 and need a solution for the following problem: we want to achieve that freeradius sends back an IP-Address if there is one for that user in LDAP. If the value is empty freeradius shouldnt send back an IP-Address and the NAS should choose one from his own ip-pool. is this possible to realize? greetings, Stefan -- DSL-Aktion wegen großer Nachfrage bis 28.2.2006 verlängert: GMX DSL-Flatrate 1 Jahr kostenlos* http://www.gmx.net/de/go/dsl - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: IP-Address assignment - NAS Pool if value is empty in LDAP
Hi, YES... it is possible ( at least in my case it is ). I've used Framed-IP-Address attribute which I mapped to an attribute in my LDAP directory. As NAS I use Poptop daemon ( MS PPTP Server for Linux ). Regards, Edvin -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] g] On Behalf Of [EMAIL PROTECTED] Sent: Mittwoch, 11. Jänner 2006 09:16 To: FreeRadius users mailing list Subject: IP-Address assignment - NAS Pool if value is empty in LDAP I am running freeradius-1.0.2-5.5 and need a solution for the following problem: we want to achieve that freeradius sends back an IP-Address if there is one for that user in LDAP. If the value is empty freeradius shouldnt send back an IP-Address and the NAS should choose one from his own ip-pool. is this possible to realize? greetings, Stefan -- DSL-Aktion wegen gro_er Nachfrage bis 28.2.2006 verldngert: GMX DSL-Flatrate 1 Jahr kostenlos* http://www.gmx.net/de/go/dsl - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: IP-Address assignment - NAS Pool if value is empty in LDAP
I am running freeradius-1.0.2-5.5 and need a solution for the following problem: we want to achieve that freeradius sends back an IP-Address if there is one for that user in LDAP. If the value is empty freeradius shouldnt send back an IP-Address and the NAS should choose one from his own ip-pool. That will work out of the box. Make sure in ldap.attrmap you have replyItem Framed-IP-Address radiusFramedIPAddress replyItem Framed-IP-Netmask radiusFramedIPNetmask **You can change those to whatever you store it as in ldap. Then in the user, you put the IP. dn: uid=someuser,ou=. radiusFramedIPAddress: 1.1.1.1 radiusFramedIPNetmask: 255.255.255.0 Then rlm_ldap, will look for an attribute of radiusFramedIPAddress and radiusFramedIPNetmask in ldap. If it exists, it will send it back in the access-accept as a reply item. If it doesn't exist, it won't send anything. Did you try this yet? If so and it isn't working for you, please send debug output (radiusd -X). - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
IP address assignment
I am using radius to authenticate access from VPN. Would anyone now how to record the IP address the user is assigned after they log in. Michael This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: IP address assignment
Infusino, Michael - ADP Dataphile wrote: I am using radius to authenticate access from VPN. Would anyone now how to record the IP address the user is assigned after they log in. Michael How does a little dynamic dns strike you? Make sure to actualy read below and attached scripts and setup a DNS key. --radiusd.conf- modules section exec ddns_update { wait = no program = /usr/local/sbin/radius-dns-update.sh input_pairs = request packet_type = Accounting-Request shell_escape = yes } end modules instantiate section--- ddns_update ---end section #!/bin/bash #must setup this key!! #man nsupdate NSUPDATE=nsupdate -k /etc/freeradius/keys/Kradius-dns-updates.+157+08981.private function usage() { echo Usage: `basename $0` -u User-Name -t Hint -s Acct-Status-Type -i Framed-IP-Address exit 1 } while getopts u:t:s:i: opt; do case $opt in u) USER_NAME=$OPTARG;; t) HINT=$OPTARG;; s) ACCT_STATUS_TYPE=$OPTARG;; i) FRAMED_IP_ADDRESS=$OPTARG;; *) usage;; esac; done HINT=`echo ${HINT} | tr -d ''` USER_NAME=`echo ${USER_NAME} | tr -d ''` ACCT_STATUS_TYPE=`echo ${ACCT_STATUS_TYPE} | tr -d ''` FRAMED_IP_ADDRESS=`echo ${FRAMED_IP_ADDRESS} | tr -d ''` if [[ ${USER_NAME} == ]] || [[ ${HINT} == ]] || [[ ${ACCT_STATUS_TYPE} == ]] || [[ ${FRAMED_IP_ADDRESS} == ]]; then exit 1; fi #make sure you update below list to something that fits your setup! case ${HINT} in XXX) DOMAINNAME=xxx.you.net;; YYY) DOMAINNAME=yyy.you.net;; *)exit 1;; esac; USER_NAME=[EMAIL PROTECTED] DNS_A_REC=${USER_NAME}.${DOMAINNAME} DELETE_DNS_A_REC=prereq yxdomain ${DOMAINNAME}\nupdate delete ${DNS_A_REC} A ADD_DNS_A_REC=update add ${DNS_A_REC} 300 in A ${FRAMED_IP_ADDRESS} TOUCH_DNS_A_REC=prereq nxdomain ${DNS_A_REC}\n case ${ACCT_STATUS_TYPE} in Start) echo -e ${DELETE_DNS_A_REC}\n${ADD_DNS_A_REC}\nsend | $NSUPDATE ;; Stop) #comment below to leave logged out users in DNS echo -e ${DELETE_DNS_A_REC}\nsend | $NSUPDATE ;; Alive) #uncomment below to flood active users in during turnup # echo -e ${TOUCH_DNS_A_REC}\n${ADD_DNS_A_REC}\nsend | $NSUPDATE exit 0;; *) exit 1;; esac; #!/bin/bash STAGE2=/usr/local/sbin/radius-dns-update.s2.sh if [[ ${USER_NAME} == ]] || [[ ${HINT} == ]] || [[ ${ACCT_STATUS_TYPE} == ]] || [[ ${FRAMED_IP_ADDRESS} == ]]; then exit 0; fi if [[ -x $STAGE2 ]]; then $STAGE2 -u${USER_NAME} -t${HINT} -s${ACCT_STATUS_TYPE} -i${FRAMED_IP_ADDRESS} 21 /dev/null fi exit 0 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: IP address assignment
Very nice. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, October 13, 2005 11:41 PM To: FreeRadius users mailing list Subject: Re: IP address assignment Infusino, Michael - ADP Dataphile wrote: I am using radius to authenticate access from VPN. Would anyone now how to record the IP address the user is assigned after they log in. Michael How does a little dynamic dns strike you? Make sure to actualy read below and attached scripts and setup a DNS key. --radiusd.conf- modules section exec ddns_update { wait = no program = /usr/local/sbin/radius-dns-update.sh input_pairs = request packet_type = Accounting-Request shell_escape = yes } end modules instantiate section--- ddns_update ---end section _ This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system. application/ms-tnef- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: IP address assignment
On Oct 13, 2005, at 10:44 PM, Infusino, Michael - ADP Dataphile wrote: Very nice. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, October 13, 2005 11:41 PM To: FreeRadius users mailing list Subject: Re: IP address assignment Infusino, Michael - ADP Dataphile wrote: I am using radius to authenticate access from VPN. Would anyone now how to record the IP address the user is assigned after they log in. Michael How does a little dynamic dns strike you? Make sure to actualy read below and attached scripts and setup a DNS key. --radiusd.conf- modules section exec ddns_update { wait = no program = /usr/local/sbin/radius-dns-update.sh input_pairs = request packet_type = Accounting-Request shell_escape = yes } end modules instantiate section--- ddns_update ---end section snip rantDoes everyone top post now? How do you read a thread?/rant Phil - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: IP address assignment
Infusino, Michael - ADP Dataphile wrote: I am using radius to authenticate access from VPN. Would anyone now how to record the IP address the user is assigned after they log in. Michael How does a little dynamic dns strike you? Make sure to actualy read below and attached scripts and setup a DNS key. --radiusd.conf- modules section exec ddns_update { wait = no program = /usr/local/sbin/radius-dns-update.sh input_pairs = request packet_type = Accounting-Request shell_escape = yes } end modules instantiate section--- ddns_update ---end section Interesting idea. I like it. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html