From owner-freebsd-isp Sat Aug 11 2:55:40 2001 Delivered-To: freebsd-isp@freebsd.org Received: from Awfulhak.org (gw.Awfulhak.org [217.204.245.18]) by hub.freebsd.org (Postfix) with ESMTP id 4EBD537B409 for ; Sat, 11 Aug 2001 02:55:35 -0700 (PDT) (envelope-from brian@Awfulhak.org) Received: from hak.lan.Awfulhak.org (root@hak.lan.Awfulhak.org [172.16.0.12]) by Awfulhak.org (8.11.4/8.11.4) with ESMTP id f7B9tO542475; Sat, 11 Aug 2001 10:55:25 +0100 (BST) (envelope-from brian@Awfulhak.org) Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1]) by hak.lan.Awfulhak.org (8.11.4/8.11.4) with ESMTP id f7B9tOr31726; Sat, 11 Aug 2001 10:55:24 +0100 (BST) (envelope-from brian@hak.lan.Awfulhak.org) Message-Id: <200108110955.f7B9tOr31726@hak.lan.Awfulhak.org> X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 To: francisv@dagupan.com Cc: brian@Awfulhak.org, isp@freebsd.org, brian@freebsd-services.com Subject: Re: PPPoE server setup + RADIUS In-Reply-To: Message from francisv@dagupan.com of "Sat, 11 Aug 2001 09:34:17 +0800." <10F29E27A956D511B0940050DA8D86A908F758@chat.dagupan.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Sat, 11 Aug 2001 10:55:24 +0100 From: Brian Somers Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > > > Hi all, > > > > > > We're currently experimenting with PPPoE on a FreeBSD 4.3-STABLE system > > with > > > a Windows 98 client using RASPPPOE. I've found some instructions on the > > web > > > on how to setup the PPPoE server and so far I've managed to make it run. > > > > > > We are using the RADIUS server of our upstream ISP for authenticating > > > clients. Here's a copy of my /etc/ppp/ppp.conf: > > > > > > pppoe-in: > > > allow users > > > enable pap > > > allow mode direct > > > set mru 1460 > > > set mtu 1460 > > > set speed sync > > > enable lqr > > > accept dns > > > set ifaddr 202.91.163.1 202.91.163.20-202.91.163.50 > > > set dns 202.91.161.130 202.47.132.1 > > > load server > > > set radius /etc/ppp/radius.conf > > > set log phase ipcp lcp debug > > > > > > Their RADIUS server sends a reply for Framed-IP-Address: 255.255.255.254 > > and > > > Framed-IP-Netmask: 255.255.255.0 > > > > > > But upon inspection of the client, it shows that it got the > > 255.255.255.254 > > > address instead of the IP address pool as defined in ppp.conf. What else > > > could be wrong here? Where should I look? Thanks! > > > > ppp will choose the RAD_FRAMED_IP_ADDRESS returned from the radius > > server above any IP number mentioned in ppp.conf or ppp.secret. > > > > 255.255.255.254 is a mighty odd IP number - but I'm sure you already > > know that :*) I wonder why your ISP's radius server is sending this ? > > Isn't it in RFC 2138? > > Framed-IP-Address > > Address > > The Address field is four octets. The value 0xFFFFFFFF indicates > that the NAS should allow the user to select an address (e.g. > Negotiated). The value 0xFFFFFFFE indicates that the NAS should > select an address for the user (e.g. Assigned from a pool of > addresses kept by the NAS). Other valid values indicate that the > NAS should use that value as the user's IP address. Ah, ok, does the attached patch help ? > What do you normally put there? As a standard practice, I mean. Nothing at all (so that the radius server doesn't return a framed ip address), but I don't generally use radius.... -- Brian http://www.freebsd-services.com/ Don't _EVER_ lose your sense of humour ! Index: radius.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/ppp/radius.c,v retrieving revision 1.22 diff -u -r1.22 radius.c --- radius.c 2001/04/01 22:39:17 1.22 +++ radius.c 2001/08/11 09:53:30 @@ -158,6 +158,8 @@ switch (got) { case RAD_FRAMED_IP_ADDRESS: r->ip = rad_cvt_addr(data); + if (ntohl(r->ip.s_addr) == 0xfffffffe) + r->ip.s_addr = INADDR_NONE; log_Printf(LogPHASE, " IP %s\n", inet_ntoa(r->ip)); break; To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message