Date: Fri, 21 Nov 1997 00:08:37 +0100 (CET) From: isp <isp@elgo.si> To: "Tom T. Thai" <tomthai@future.net> Cc: linuxisp@friendly.jeffnet.org, freebsd-isp@FreeBSD.ORG Subject: Re: radiusclient users? Message-ID: <Pine.LNX.3.95.971120234704.17438A-100000@crv.elgo.si> In-Reply-To: <Pine.NEB.3.96.971120151528.8660A-100000@dream.future.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 20 Nov 1997, Tom T. Thai wrote: > could I get a show of hands to see who uses radiusclient (by Lars), > patched ppp2.2.0f (by Godec, and Map)? > We're using it all right :)) > I'm writing documentation for it and have lots of questions. There > currently seems to be lots of patches and login.radius around, and I want > to pull them all together. > Nice ! But login.radius is quite site specific. > I think this would be very helpful for everyone who uses radiusclient. > I'm aware of portslave also, but I think radiusclient is more modular so > I am leaning toward radiusclient. > Me too :)) Avtualy I'm too lasy or busy to test new thing when my current setup works. Maybe sometime :)) > Here one interesting thing I just found out when I was playing around with > mgetty+autoppp, radiusclient, and pppd-radius: > > Assume auto ppp detection is in progress and mgetty passes the call to > pppd-radius. Even though pppd-radius doesn't actually need login.radius, > login.radius should still exit in the path for pppd-radius to authenticate > the user. > I don't think so, but it could be. Actualy I don't even use login.radius but some other script. > Here is a would be FAQ: > > Assume you are running RADIUS2.0.1 and the user profile uses > Framed-IP-Address = 255.255.255.254 or Framed-IP-Address = > 255.255.255.255, how do you tell pppd-radius to assign the proper IP? In > the first case, radiusclient or pppd-radius have to pick an available IP > from an assigned IP pool just like the Portmasters or use the port IP > from /etc/ppp/options.ttyR0 or so. Yes, the first case do so. > In the second case, > radiusclient/pppd-radius should use the "user" picked IP. Currently > radiusclient/pppd-radius doesn't support that directly, but I suppose you > could parse the parameter using login.radius (but not with the current > radiusd-ppp, unless it's thru ip-up, etc.) > It does ! This stuff is in the patched pppd-radius so it should work ! If You are using radius.login (so user has to login and do scripting), than login.radius needs to setup proper IP, but if You are using PAP to authenticate then login.radius is never called and pppd-radius sets up IP from radius server. > Also, some of you probably do some kind of filtering and such... > That would be nice some day. > So let's see a show of hand that is willing to help. I'll post my work in > progress at http://www.future.net/~tomthai/radius. > There is basicly two types of users login: One with autoPPP detection and one thru ordinary session. With AutoPPP pppd has to do all the work (and that is why I did the patches in the first place), In the other case, some program login.radius or something defined in radiusclient.conf should do the parsing and start proper pppd session. There is basical stuff in pppd-radius which I needed and some extension which Miguel A.L. Paraz <map@iphil.net> added and he also cleaned and combined all the thing in some form. All the work is based, and I think he should get all the credits, on Lars Fenneberg <in5y050@public.uni-hamburg.de>'s radiusclient library.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.3.95.971120234704.17438A-100000>