I would definitively do it with a Radius server.
Store the user profiles somewhere, and configure the Radius to attributes the IPs (attributes Framed-IP-Address and Framed-IP-Netmask). To create the associated route, use the Framed-Route attribute (using the Framed-IP-Address as a gateway).
Even if it's for a small amount of users, you'll be happy to be able to use that on other purposes, setting it up easily (basically just aaa radius authentication config in the cisco)
If you intend to store the users profile in LDAP, then I have a radiator config which does the job.
Just let me know if you're interested in more details. This setup is quite quick to install.
Fred
Viktor Steinmann wrote:
Ummm.... I had a similar problem about 2 weeks ago and was also looking for exactly the same thing - I gave up after 4 hours of googling, reading cisco docs and trying to create some nasty hack with policy-based-routing...
Only radius-attributes did the trick... but if you find out something else, I'd be interested in the results, too :-)
Viktor
On Thursday 27 March 2003 01:17, Andre Oppermann wrote:
Hello,----------------------------------------------
I've got a little Cisco problem. There is a 2600 router with two BRI interfaces and there are a couple of other routers out there periodically connecting to it. I'm using virtual-templates to allow for mppp channel bundling. So the interface is alway changing. Sometimes this user has got vi2, the other time vi3 and so on. Putting a static route route with "ip route blabla" is not an option.
Now the problem is how can I associate a separate static route (ie. 192.168.40/24 and so on) to the "users" that connect to the 2600?
I've been searching the Cisco website for documentation all night and can't find a useful solution other than putting a RADIUS or TACACS server in place to handle the routes.
Is there any way to bond a static route to a given user thats
connects to the machine in a way that can be done entirely local
on the router? The IOS I have on it is 12.2.T13(3).
[EMAIL PROTECTED] Maillist-Archive:
http://www.mail-archive.com/swinog%40swinog.ch/
---------------------------------------------- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/