help-gnu-radius
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Help-gnu-radius] RE: Re: Forcing GNU-Radius to change authentication ty

From: Paul Cole
Subject: [Help-gnu-radius] RE: Re: Forcing GNU-Radius to change authentication type
Date: Thu, 17 Sep 2009 11:10:20 -0000 
Thanks, Sergey.

Regards,
____________________________________________________________________________
_____
Paul 


-----Message d'origine-----
De : Sergey Poznyakoff [mailto:address@hidden 
Envoyé : jeudi 17 septembre 2009 10:04
À : Paul Cole
Cc : address@hidden
Objet : [?? Probable Spam] Re: Forcing GNU-Radius to change authentication
type

Hi Paul,

>    I've foud out that my NAS was sending the same NAS-Port-ID attribute
>    which is `0/0/0/0' for my pppoe users (normal because I have only one
>    port from where all the users are connected, physical port 0 on the
>    NAS). But the problem with that setting is that the radwho command will
>    obviously show only the last user getting connected and disconnect the
>    previous one...In my understanding, the session in GNU-Radius is
>    defined by the couple of `NAS-Port / Nas IP address' which explains
>    that behavior when issuing the radwho command.

Yes, that's right.

>    I am trying now to set the session to use only the session ID rather
>    than that couple which won't make radwho work for me. Need your help
>    hare implementing this...

The usual solution is to implement a rewriting function that would
create a unique NAS-Port ID from another pieces of information in the
request. This approach is described in section 10.2.4 "Rewriting Incoming
Requests" of the documentation (available online at
http://www.gnu.org/software/radius/manual/html_node/Rewriting-Incoming-Req
uests.html).

The examples/ directory contains some working samples, which might help
you implement your own rewriting procedure:

  examples/cisco.rw: function cisco_pid, called from cisco_fixup.
  examples/c3620.rw: function c3620_decode, called from c3620_fixup.
  examples/ascend.rw: function max_decode_port, called from max_fixup.

If you need any further help, please do not hesitate to write.

>    Another thing : does radzap physically disconnect the customer from the
>    NAS

No, of course it does not. It has no way of doing so: there is no 
general interface which would connect to NAS and tell it to drop a line.

Radzap is a last resort utility for bringing the system database in
synch with the actual state of user pools. It operates only on
rad[wu]tmp files. Normally, you rarely need to use it, if at all.

Regards,
Sergey
reply via email to
[Prev in Thread] Current Thread [Next in Thread]