New message. The previous got sent too soon. On 10/25/2011 01:27 AM, Jennyanydots Napoleon Shoehorn wrote:
Hello, > My auth's mainly working but I need some general assistance getting the > following working. Have started with the chilli-radmin.cfg file with > some added enhancements. > > 1. Group check, including download limits, session timeouts etc. Radmin has service profiles for grouping. These should help with grouping the users. The example AcctSQLStatement shows how to update user specific byte counters. Those might be useful to get started. Note that the SQL statements can be modified as required. > 2. How to authenticate against a nas-id, not an ip. We need a shared > secret per nas Called-Station-Id MAC address is already supported. If you configure your client like this <Client MAC:00-11-22-33-44-55> Radiator will try to match this against Called-Station-Id in the incoming request. The two formats for CSI are supported: separated by dashes (-) or without separaters e.g.: 001122334455 If e.g. SSID is appended to the MAC address, it is ignored and does not cause problems for matching the MAC. Would MAC address in Called-Station-Id work for you? > 3. Hunt group implementation - allow, disallow access per network The Identifier in Client clause can be used as a hunt group identifier. So if you configure multiple clients with the same Identifier, use IdenticalClients or ClientListSQL, you can group NASes to groups under the same Identifier. For example: <Client 10.2.3.4> Identifier group1 IdenticalClients 10.2.3.5 </Client> <Handler Client-Identifier=group1> ... The handler would then be used for requests from 10.2.3.4 and 10.2.3. Another alternative might be to use Client-Identifier value with AuthBy SQL. The Client-Identifier would be part of AuthSelect SQL query values when pulling data from the DB for the user. > Sorry if this has been covered in the docs but I've been through and > would really appreciate a couple of decent examples. Just need to get > started! > > Thanks in advance > > J > > > _______________________________________________ > radiator mailing list > [email protected] > http://www.open.com.au/mailman/listinfo/radiator -- Heikki Vatiainen <[email protected]> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
