Got It, Thanks!. Works fine.
Now if the Attribue PoolHint is not present, the access is denied...?
Thanks for any tip's
mysql> select * from SUBSCRIBERS;
+-----------+----------+-------------------+-----------+----------------+
| USERNAME | PASSWORD | ENCRYPTEDPASSWORD | CHECKATTR | REPLYATTR
|
+-----------+----------+-------------------+-----------+----------------+
| mikem | fred | 1xMKc0GIVUNbE
| |
|
| ofigueroa |
| oayIfC2EONmhQ |
|
|
| justice |
| iiB5xlr2d6JlY |
| |
| chob |
| fin3.g1baBCIo |
| PoolHint=pool1 |
+-----------+----------+-------------------+-----------+----------------+
Attributes:
User-Name = "justice"
User-Password = *****
Service-Type = Framed-User
Framed-Protocol = PPP
NAS-IP-Address = 204.254.85.153
Framed-IP-Address = 63.100.21.37
NAS-Port = 39
Annex-Port = 20205
NAS-Port-Type = Async
Connect-Info = "49333
26400 V.90"
Calling-Station-Id = "023377195"
Signature = *****
Fri Oct 6 06:54:39 2000: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Fri Oct 6 06:54:39 2000: DEBUG: Deleting session for justice,
204.254.85.153,
39
Fri Oct 6 06:54:39 2000: DEBUG: Handling with Radius::AuthSQL
Fri Oct 6 06:54:39 2000: DEBUG: Handling with Radius::AuthSQL
Fri Oct 6 06:54:39 2000: DEBUG: Query is: select ENCRYPTEDPASSWORD,
CHECKATTR,
REPLYATTR from SUBSCRIBERS where USERNAME='justice'
Fri Oct 6 06:54:39 2000: DEBUG: Radius::AuthSQL looks for match
with justice
Fri Oct 6 06:54:39 2000: DEBUG: Radius::AuthSQL ACCEPT:
Fri Oct 6 06:54:39 2000: DEBUG: Handling with Radius::AuthDYNADDRESS
Fri Oct 6 06:54:39 2000: DEBUG: Query is: select YIADDR, SUBNETMASK,
DNSSERVER
from RADPOOL where
POOL='' and STATE=0 order by TIME_STAMP
Fri Oct 6 06:54:39 2000: INFO: Access rejected for justice: No
available addresses
Fri Oct 6 06:54:39 2000: DEBUG: Packet dump:
*** Sending to 204.254.85.153 port 1413 ....
Code: Access-Reject
Identifier: 178
Attributes:
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-Routing = None
Framed-MTU = 1500
Framed-Compression = Van-Jacobson-TCP-IP
Reply-Message = "Request
Denied"
Hugh Irvine wrote:
Hello Jaime -On Fri, 06 Oct 2000, Jaime Cruz wrote:
> Hi there!
>
> We are trying to dynamically assign IP address by using the
> <AuthBy DYNADDRESS> and the <AddressAllocator>.
> We are using MySQL database for the RADPOOL.
> The problem we facing is that the Radiator WARNING the attribute PoolHint.
>
> He's what appear on the logfile:
>
> *** Received from 127.0.0.1 port 1026 ....
> Code: Access-Request
> Identifier: 121
> Attributes:
> User-Name = "justice"
> User-Password = ******
> NAS-Port = 22
> Livingston = "test"
> NAS-IP-Address = 1.1.1.1
>
> Thu Oct 5 19:18:54 2000: DEBUG: Handling request with Handler 'Realm=DEFAULT'
> Thu Oct 5 19:18:54 2000: DEBUG: Deleting session for justice, 1.1.1.1, 22
> Thu Oct 5 19:18:54 2000: DEBUG: Handling with Radius::AuthSQL
> Thu Oct 5 19:18:54 2000: DEBUG: Handling with Radius::AuthSQL
> Thu Oct 5 19:18:54 2000: DEBUG: Query is: select ENCRYPTEDPASSWORD, CHECKATTR,
> REPLYATTR from SUBSCRIBERS where USERNAME='justice'
>
> Thu Oct 5 19:18:54 2000: DEBUG: Radius::AuthSQL looks for match with justice
> Thu Oct 5 19:18:54 2000: DEBUG: Radius::AuthSQL ACCEPT:
> Thu Oct 5 19:18:54 2000: DEBUG: Access accepted for justice
> Thu Oct 5 19:18:54 2000: WARNING: No such attribute PoolHint
> Thu Oct 5 19:18:54 2000: DEBUG: Packet dump:
> *** Sending to 127.0.0.1 port 1026 ....
> Code: Access-Accept
> Identifier: 121
> Authentic: *********
> Attributes:
> PoolHint = pool1
> Service-Type = Framed-User
> Framed-Protocol = PPP
> Framed-Routing = None
> Framed-MTU = 1500
> Framed-Compression = Van-Jacobson-TCP-IP
>
> He's what appear on the radius.conf:
>
>
> <ClientListSQL>
> DBSource dbi:mysql:radiator:db
> DBUsername radiator
> DBAuth ******
> </ClientListSQL>
> <AddressAllocator SQL>
> Identifier myallocator
> #
> DBSource dbi:mysql:radiator:db
> DBUsername radiator
> DBAuth *****
> DefaultLeasePeriod 86400
> <AddressPool pool1>
> Subnetmask 255.255.255.0
> Range 10.1.1.1 10.1.1.254
> </AddressPool>
> <AddressPool pool2>
> Subnetmask 255.255.255.0
> Range 10.1.2.1 10.1.2.254
> </AddressPool>
> </AddressAllocator>
>
> <Realm DEFAULT>
> <AuthBy SQL>
> DBSource dbi:mysql:radiator:db
> DBUsername radiator
> DBAuth ******
> AuthSelect select ENCRYPTEDPASSWORD, CHECKATTR, REPLYATTR \
> from SUBSCRIBERS where USERNAME='%n'
> AuthColumnDef 0, Encrypted-Password, check
> AuthColumnDef 1, GENERIC, check
> AuthColumnDef 2, GENERIC, reply
> #
> </AuthBy>
> <AuthBy DYNADDRESS>
> Allocator myallocator
> StripFromReply PoolHint
> </AuthBy>
> AcctLogFileName %L/detail
> </Realm>
>You need to tell Radiator to execute both AuthBy clauses, with an AuthByPolicy:
<Realm DEFAULT>
AuthByPolicy ContinueWhileAccept
<AuthBy SQL>
DBSource dbi:mysql:radiator:db
DBUsername radiator
DBAuth ******
AuthSelect select ENCRYPTEDPASSWORD, CHECKATTR, REPLYATTR \
from SUBSCRIBERS where USERNAME='%n'
AuthColumnDef 0, Encrypted-Password, check
AuthColumnDef 1, GENERIC, check
AuthColumnDef 2, GENERIC, reply
#
</AuthBy>
<AuthBy DYNADDRESS>
Allocator myallocator
StripFromReply PoolHint
</AuthBy>
AcctLogFileName %L/detail
</Realm>Have a look at section 6.21.1 in the Radiator 2.16.3 reference manual.
hth
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
-- Jaime Cruz M PSINetworks [EMAIL PROTECTED]
