[c-nsp] AS5300 + RADIUS - IP Address Assignment

Ejay Hire ejay.hire at isdn.net
Thu Aug 26 18:01:40 EDT 2004 

In advance, I'm sorry if this sounds like a commercial for
the Radiator radius server.

We use the aforementioned super amazing spectacular great...
Product, and do exactly what you want to do with the
following.  If I remember right, allocateonreplyproxy.pl is
in the goodies folder of the default radiator install.  It
selects and assigns an IP pool based on the Pool Id in the
radius reply..

<handler realm=isp1.com>
	AuthBy isp1
</handler>
<handler realm=isp2.com>
	AuthBy isp2
</handler>

<authby radius>
	identifier isp1
	host x.x.x.x
	retries x
	secret x
	
	AddToReply	Pool = 1

	ReplyHook
file:"/usr/local/etc/AllocateIPOnReplyProxy.pl"
</authby

<authby radius>
	identifier isp1
	host x.x.x.x
	retries x
	secret x
	
	AddToReply	Pool = 2

	ReplyHook
file:"/usr/local/etc/AllocateIPOnReplyProxy.pl"
</authby


> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net 
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of
Crooks, Samuel
> Sent: Thursday, August 12, 2004 10:20 PM
> To: cisco-nsp at puck.nether.net
> Subject: RE: [c-nsp] AS5300 + RADIUS - IP Address
Assignment
> 
> 
> 
>
------------------------------------------------------------
----------
> 
> Message: 1
> Date: Wed, 11 Aug 2004 11:42:39 +0200
> From: Mark Tinka <mtinka at africaonline.co.sz>
> Subject: [c-nsp] AS5300 + RADIUS - IP Address Assignment
> To: cisco-nsp at puck.nether.net
> Message-ID: <200408111142.39660.mtinka at africaonline.co.sz>
> Content-Type: text/plain;  charset="us-ascii"
> 
> Hello all.
> 
> I have a situation where 2 providers, ISP A and ISP B are
sharing a
> single 
> AS5300.
> 
> Both ISP's have their own circuits to their upstreams, and
even though
> both 
> their customers would be dialing the same NAS, they don't
want one ISP
> to 
> provide the Internet connectivity for both sets of
customers.
> 
> ISP A would like to have its customers use its Internet
connectivity,
> and ISP 
> B would like its own customers to use its own connectivity
as well.
> 
> The easiest way to do this would be to assign a static IP 
> address in the
> 
> RADIUS attributes of ISP B's customers, so that when they 
> dial they get
> ISP 
> B's IP's, while ISP A's customers take the default IP pool

> from the NAS.
> 
> However, the problem with this scenario is management and
scalability,
> and 
> the fact that ISP B wouldn't really like to provide static
IP's for a
> dial-up 
> service.
> 
> My question, then, is, would it be possible for RADIUS, in

> some way, to
> be 
> told that for ISP B's customers, it take an IP assigned
from 
> 'def' pool
> on 
> the NAS so ISP B's customers can use ISP B's Internet
connectivity,
> while ISP 
> A takes the default 'abc' pool from the NAS?
> 
> All help appreciated?
> 
> Mark.
> 
> 
> 
> Sounds like you need to use a discriminator to specify
which pool to
> assign from, on the RADIUS server.  I would do it all on
the RADIUS
> server, since you have a per-user config going already..
keep it all
> there.  I would either discriminate based on the DNIS (if
they dial
> different numbers) or the RADIUS realm to do it by the
username.
> 
> 
> 
> 
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list