AW: AW: AW: Radius Tunnel Attributes (Tunnel switching withCiscoRouter)

mike at ostw.de mike at ostw.de
Wed Jun 22 13:02:05 CEST 2005 

It works nice :) with Auth-Type in the first line!
Thank your very much for your help!
Greets
Mike


-----Ursprüngliche Nachricht-----
Von: cistron-radius-bounces at lists.cistron.nl
[mailto:cistron-radius-bounces at lists.cistron.nl] Im Auftrag von Miquel van
Smoorenburg
Gesendet: Freitag, 17. Juni 2005 20:26
An: cistron-radius at lists.cistron.nl
Betreff: Re: AW: AW: Radius Tunnel Attributes (Tunnel switching
withCiscoRouter)

In article <20050617111318.4BC7D18EA9E at smtp.tal.de>,
 <mike at ostw.de> wrote:
>Thx for your quick answer! 
>I changed my hints file and now it works (matching on
>prefix:dsl/adsl-location1/2) , but there is another (new) but :)
>I think, it is right, that a user first needs to be authenticatet before
the
>user gets authorized and recieves his (tunnel) attributes? for my scenario
i
>need something like this:
>
>all user with domain prefix 
>
>dsl/adsl-location1-username
>dsl/adsl-location2-username
>dsl/adsl-location3-username
>.
>.
>.
>and so on, sould be redirected (with use of tunnel-attributes) to another
>router. on the radius-server, which commits these tunnel-attributes, these
>users must be first authenticatet to recieve these tunnel-attributes, but,
i
>only want to forward them without authentification. all other users with a
>domain prefix like
>dsl/adsl-username
>sould be authenticated and terminated locally and should not recieve any
>tunnel-attributs (normal user entries in users file)

I honesly have to admit that I've lost you completely. I don't
know what you're trying to do, but I cn offer some help with
the syntax errors you're making:

>I tested to add 
>Auth-Type = None 
>in the hints file for the tunneld users, but this doesnt work
>DEFAULT Prefix = "dsl/adsl-location1", Strip-User-Name = No
>        Hint = "tunnel1"
>	  Auth-Type = None

Auth-Type doesn't belong in the hints file.

>also in the users file
>DEFAULT Hint = "tunnel1"
>	  Auth-Type = None

Auth-Type MUST go on the first line - it's a check attribute,
not a reply attribute.

>does not work, any solution or idea how i should configure my radius to
>1. authenticate user which will be locally terminated (and authenticatet
via
>users file)

DEFAULT	Hint = "tunnel1", Auth-Type = None
	Tunnel-Attr = foo,
	Tunnel-Attr = bar

Mike.

- 
List info/subscribe/unsubscribe? See http://www.radius.cistron.nl/list/

More information about the Cistron-radius mailing list