Hi, currently I'm using FreeRADIUS-1.0.2 with the rlm_sql_mysql backend for accounting, authentication etc. I have several users in the "radcheck" table...
--8<--[ radcheck ]--8<--
id UserName Attribute op Value
-- -------- ------------- -- -------
1 JohnDoe User-Password == secret1
2 JaneDoe User-Password == secret2
--8<--
...and two groups in the "radgroupcheck" table, one for users with static IP
addresses and one for users with dynamic IP addresses...
--8<--[ radgroupcheck ]--8<--
id GroupName Attribute op Value
-- --------- --------------- -- -----------
1 static Auth-Type := Local
2 static Service-Type := Framed-User
3 static Framed-Protocol := PPP
4 dynamic Auth-Type := Local
5 dynamic Service-Type := Framed-User
6 dynamic Framed-Protocol := PPP
7 dynamic Pool-Name := ippool1
--8<--
...as well as user -> group mappings in the "usergroup" table...
--8<--[ usergroup ]--8<--
id UserName GroupName
-- -------- ---------
1 JohnDoe static
2 JaneDoe dynamic
--8<--
...the individual user's static IP addresses...
--8<--[ radreply ]--8<--
id UserName Attribute op Value
-- -------- ----------------- -- -------
1 JohnDoe Framed-IP-Address = 1.2.3.1
--8<--
...and the group replies...
--8<--[ radgroupreply ]--8<--
id GroupName Attribute op Value prio
-- --------- --------------- -- ---------------------------------- ----
1 static Service-Type = Framed-User 0
2 static Framed-Protocol = PPP 0
3 static Cisco-AVPair = ip:dns-servers=1.2.3.250 1.2.4.250 0
4 dynamic Service-Type = Framed-User 0
5 dynamic Framed-Protocol = PPP 0
6 dynamic Cisco-AVPair = ip:dns-servers=1.2.3.250 1.2.4.250 0
--8<--
Here's the interesting content of radiusd.conf:
--8<--[ radiusd.conf ]--8<--
[...]
modules {
[...]
ippool ippool1 {
range-start = 1.2.4.2
range-stop = 1.2.4.249
netmask = 255.255.255.255
cache-size = 3072
session-db = ${raddbdir}/ippool.d/ippool1.session-db
ip-index = ${raddbdir}/ippool.d/ippool1.ip-index
override = no
maximum-timeout = 0
}
ippool ippool2 {
range-start = 1.2.8.2
range-stop = 1.2.8.249
netmask = 255.255.255.255
cache-size = 3072
session-db = ${raddbdir}/ippool.d/ippool2.session-db
ip-index = ${raddbdir}/ippool.d/ippool2.ip-index
override = no
maximum-timeout = 0
}
}
accounting {
ippool1
sql
}
session {
sql
}
post-auth {
ippool1
sql
}
--8<--
Everything works fine with ippool1.
How can I make ippool2 being used by the "dynamic" usergroup as well?
I would like to keep using the stable 1.0.2 release instead of switching to
a CVS snapshot, just in case the solution is easier with a recent
snapshot.
Thanks in advance.
--
Wolfram Schlich
pgpouVbwetTMt.pgp
Description: PGP signature
