AW: Radius Tunnel Attributes (Tunnel switching with Cisco Router)
Miquel van Smoorenburg
miquels at cistron.nl
Thu Jun 16 18:59:46 CEST 2005
In article <20050616104705.614C718CD73 at smtp.tal.de>,
<mike at ostw.de> wrote:
>Tunnel attributes are submittet correct to the cisco, tunnel creation works
>fine thx! BUT ;) ...
>... it only works per user. how do i have to configure my cistron radius
>that every user with
>the domain prefix:
>dsl/adsl-location1-
>
>will get the tunnel attributes ?
>
>
>and users with the prefix:
>dsl/adsl-location2-
>
>will get different tunnel / radius attributes ?
>
>? how / where do i have to configure the matching ? (users file ? realms ?)
>
>complete usernames are like dsl/adsl-location1-user
You can use the "hints" file for that. Something like:
# Hints file
DEFAULT Prefix = "dsl/adsl-location1-", Strip-User-Name = Yes
Hint = "location1"
DEFAULT Prefix = "dsl/adsl-location2-", Strip-User-Name = Yes
Hint = "location2"
# Users file
DEFAULT Hint = "location1"
Tunnel-Attr-1 = "bla",
Tunnel-Attr-2 = "bla",
Fall-Through = Yes
DEFAULT Hint = "location2"
Tunnel-Attr-1 = "foo",
Tunnel-Attr-2 = "foo",
Fall-Through = Yes
DEFAULT Auth-Type = system
.. depends on what you want to do, really. The above strips off the
prefix, sets tunnel attributes depending on the prefix, then
authentication the username without the prefix against /etc/passwd
Mike.
More information about the Cistron-radius
mailing list