2013-04-12 - Re: [GRASE-Hotspot] FreeRadius Additional Conf
Header Data
From: Tim White <ti***8@gmail.com>
Message Hash: de9571d92cd80e18befed84497c62561bc3b79075507aed4cd89af6a66780a7b
Message ID: <5168E191.2090508@gmail.com>
Reply To: <B3927F11C872D64EAF092F537F1C376616D8A191@jupiter.pslcol.com.co>
UTC Datetime: 2013-04-12 21:39:45 UTC
Raw Date: Sat, 13 Apr 2013 14:39:45 +1000
Raw message
On 13/04/13 00:20, Pablo Arango Correa wrote:
>
> Hello Tim,
>
> This is what I'm doing; I'm inserting into the next tables:
>
> radreply (Values for username,attribute,op,value ),radgroupreply
> (values for groupname attribute op value);
>
> for example:
>
> TABLE: radreply
>
> |id |username |attribute | op | value |
>
> |1 |00-YY-00-ZZ-17-C6 |Framed-IP-Address | := |
> 192.168.2.33 |
>
> TABLE: radgroupreply
>
> |id | groupname | attribute | op |
> value |
>
> |1 | static | Framed-Protocol | := |
> PPP |
>
> |2 | static | Service-Type | := |
> Framed-User |
>
> |3 | static | Framed-IP-Address | := |
> 192.168.2.33 |
>
> This is to let freeradius reserve IP addresses for certain MAC
> addresses. In this case the IP "192.168.2.33" for "00-YY-00-ZZ-17-C6"
> from the group "static" (previously created and set through the grase
> GUI). It works perfectly but whenever I make further changes from the
> GUI like creating a new group, it overwrites the above settings.
>
>
Hi Pablo
You shouldn't need any of those settings in the radgroupreply table.
What you are saying in the radgroupreply is that for any user in the
static group, firstly they are connecting via PPP (which they aren't),
secondly that they are a Framed-User, which they probably are but that's
not something we need to set, and lastly you give them the ip
address.... All users in the group, get that ip address, which is wrong.
What you have in the radreply table is correct though, and should be
working. It will only work with Machine accounts though, (which will
have a corresponding password in the radcheck table as well) as the
Framed-IP-Address can only be honour at Mac Authentication time by coova
chilli, as once a client has a DHCP lease, we can't then change their ip
address.
When I can, I'll try it myself and see, but just that radreply line
should be what you need, as long as there is already a machine account
for that MAC address.
Tim
Thread
-
Return to April 2013
- Return to “Pablo Arango Correa <pa***o@psl.com.co>”
-
Return to “Tim White <ti***8@gmail.com>”
- 2013-04-11 (Thu, 11 Apr 2013 23:30:30 +0000) - [GRASE-Hotspot] FreeRadius Additional Conf - Pablo Arango Correa <pa***o@psl.com.co>
- 2013-04-11 (Fri, 12 Apr 2013 10:19:37 +1000) - Re: [GRASE-Hotspot] FreeRadius Additional Conf - Tim White <ti***8@gmail.com>
- 2013-04-12 (Fri, 12 Apr 2013 14:20:48 +0000) - Re: [GRASE-Hotspot] FreeRadius Additional Conf - Pablo Arango Correa <pa***o@psl.com.co>
- 2013-04-12 (Sat, 13 Apr 2013 14:39:45 +1000) - Re: [GRASE-Hotspot] FreeRadius Additional Conf - Tim White <ti***8@gmail.com>
- 2013-04-15 (Mon, 15 Apr 2013 13:34:27 +0000) - Re: [GRASE-Hotspot] FreeRadius Additional Conf - Pablo Arango Correa <pa***o@psl.com.co>
- 2013-04-12 (Sat, 13 Apr 2013 14:39:45 +1000) - Re: [GRASE-Hotspot] FreeRadius Additional Conf - Tim White <ti***8@gmail.com>
- 2013-04-12 (Fri, 12 Apr 2013 14:20:48 +0000) - Re: [GRASE-Hotspot] FreeRadius Additional Conf - Pablo Arango Correa <pa***o@psl.com.co>
- 2013-04-11 (Fri, 12 Apr 2013 10:19:37 +1000) - Re: [GRASE-Hotspot] FreeRadius Additional Conf - Tim White <ti***8@gmail.com>