Hello Thomas - You will find a complete example in “goodies/addressallocator.cfg” and the RADPOOL database structure in “goodies/sybase.sql”.
regards Hugh > On 8 May 2016, at 23:57, Thomas Kurian <tho...@kccg.com> wrote: > > > Hi Support, > > For dynamic address allocation , if you can > please help me by advising steps to implement addressallocator.cfg as we > have decided to use sql as address backend. Please advise the sql > database structure radpool and radonline tables. We want to assign ip > address to client machines based on their username, password and > hostname. Our requirement is to map Username/Hostname to assigned its > respective client ip address. > > Following is our radius.cfg for your kind review :- > > #Foreground > #LogStdout > > AcctPort 1813 > AuthPort 1812 > > BindAddress 0.0.0.0 > > LogDir /var/log/radius > DbDir /etc/radiator > DictionaryFile /etc/radiator/dictionary > > # User a lower trace level in production systems: > Trace 4 > > # You will probably want to add other Clients to suit your site, > # one for each NAS you want to work with > <Client DEFAULT> > Secret archies > DupInterval 0 > </Client> > > > <Client 172.16.0.229> > Secret archies > Identifier FW1 > DupInterval 0 > </Client> > > > <AuthLog FILE> > Identifier myauthlogger > Filename %L/authlog > LogSuccess 1 > LogFailure 1 > </AuthLog> > > <Handler Request-Type=Access-Request,Client-Identifier=FW1> > <AuthBy FILE> > Filename %D/users > </AuthBy> > # Log accounting to a detail file > AcctLogFileName %L/detail > > PostAuthHook file:"/etc/radiator/wgetmagic.pl" > > </Handler> > > # This is where we authenticate a PEAP inner request, which will be an > # EAP request. The username of the inner request will anonymous by > # default, although the identity of the EAP request will be the real > # username we are trying to authenticate. > <Handler > Request-Type=Access-Request,Client-Identifier=NETGENIE,TunnelledByPEAP=1> > Identifier EAP-MSCHAP-V2 > <AuthBy FILE> > Filename %D/users > > # This tells the PEAP client what types of inner EAP requests > # we will honour > EAPType MSCHAP-V2 > </AuthBy> > > # Log authentication success and failure to the a file > AuthLog myauthlogger > > PostAuthHook > file:"/root/Desktop/Radiator-installer20-3-2016/Radiator-Locked-4.16/goodies/eap_anon_hook.pl" > </Handler> > > <Handler Client-Identifier=NETGENIE> > Identifier EAP-PEAP > <AuthBy FILE> > Filename %D/users > > EAPType PEAP > > EAPTLS_CAFile %D/certificates/demoCA/cacert.pem > > EAPTLS_CertificateFile %D/certificates/cert-srv.pem > EAPTLS_CertificateType PEM > > EAPTLS_PrivateKeyFile %D/certificates/cert-srv.pem > EAPTLS_PrivateKeyPassword whatever > > EAPTLS_MaxFragmentSize 1000 > > AutoMPPEKeys > > EAPTLS_PEAPVersion 0 > > </AuthBy> > > # Log authentication success and failure to the a file > AuthLog myauthlogger > > PreProcessingHook > file:"/root/Desktop/Radiator-installer20-3-2016/Radiator-Locked-4.16/goodies/eap_anon_hook.pl" > AcctLogFileName %D/detail > </Handler> > > > > -- > Best Regards, > > Thomas Kurian > > > > > > -- Hugh Irvine h...@open.com.au Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER, SIM, etc. Full source on Unix, Linux, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
