Re: [swinog] Dynamic users and routes

Thu, 27 Mar 2003 01:14:55 -0800

Hi,

I would definitively do it with a Radius server.
Store the user profiles somewhere, and configure the Radius to attributes the IPs (attributes Framed-IP-Address and Framed-IP-Netmask). To create the associated route, use the Framed-Route attribute (using the Framed-IP-Address as a gateway).

Even if it's for a small amount of users, you'll be happy to be able to use that on other purposes, setting it up easily (basically just aaa radius authentication config in the cisco)

If you intend to store the users profile in LDAP, then I have a radiator config which does the job.
Just let me know if you're interested in more details. This setup is quite quick to install.

Fred


Viktor Steinmann wrote:

Ummm.... I had a similar problem about 2 weeks ago and was also looking for exactly the same thing - I gave up after 4 hours of googling, reading cisco docs and trying to create some nasty hack with policy-based-routing...

Only radius-attributes did the trick... but if you find out something else, I'd be interested in the results, too :-)

Viktor

On Thursday 27 March 2003 01:17, Andre Oppermann wrote:


Hello,

I've got a little Cisco problem. There is a 2600 router with two
BRI interfaces and there are a couple of other routers out there
periodically connecting to it. I'm using virtual-templates to allow
for mppp channel bundling. So the interface is alway changing.
Sometimes this user has got vi2, the other time vi3 and so on.
Putting a static route route with "ip route blabla" is not an
option.

Now the problem is how can I associate a separate static route (ie.
192.168.40/24 and so on) to the "users" that connect to the 2600?

I've been searching the Cisco website for documentation all night
and can't find a useful solution other than putting a RADIUS or
TACACS server in place to handle the routes.

Is there any way to bond a static route to a given user thats
connects to the machine in a way that can be done entirely local
on the router? The IOS I have on it is 12.2.T13(3).


----------------------------------------------
[EMAIL PROTECTED] Maillist-Archive:
http://www.mail-archive.com/swinog%40swinog.ch/




----------------------------------------------
[EMAIL PROTECTED] Maillist-Archive:
http://www.mail-archive.com/swinog%40swinog.ch/

Reply via email to