[cisco-nas] include extra attribute in the auth request
Tassos Chatzithomaoglou
achatz at forthnet.gr
Wed Apr 5 10:18:58 EDT 2006
Oliver Boehmer (oboehmer) wrote on 5/4/2006 8:05:
> Tassos Chatzithomaoglou <> wrote on Tuesday, April 04, 2006 12:32 PM:
>
>
>>Is there a way i can include something extra/unique (besides
>>username/password) in the auth request of a ppp client?
>>
>>I have a cisco 876 making some adsl/isdn calls and i want to have it
>>include a user-specified attribute in the dialer auth request. Is
>>that possible?
>>
>>I'm asking this because i want radius to be able to tell if both the
>>adsl & isdn calls originate from the same client.
>
>
> You want to configure something at the client so the NAS/BRAS will
> include some attributes allowing your Radius server to tell if this is
> the same client? To enforce some per-user session-limit, which allows
> the ISDN connection even if the PPPoE/DSL session is still up on the
> BRAS, I guess?
Yep!!! Exactly that one ;)
I was looking for something like that on the NAS/BRAS:
radius-server attribute XX include-in-access-req
where XX is a used-defined (or even better randomly computed by router)
attribute on the client side.
> Well, tricky. Can't think of anything we can use. Theoretically, with
> multilink we could use the endpoint-discriminator, but currently this
> does not seem to be supported.
>
> Maybe we can suggest more if you tell us why you need this?
>
I'm trying to implement a backup scenario and i need to have both adsl & isdn
active at the same time, as long as their source is common.
> oli
>
Tassos
More information about the cisco-nas
mailing list