[c-nsp] pppoe with 7200
Kristofer Sigurdsson
ks at rhi.hi.is
Wed Mar 9 06:16:41 EST 2005
Thomas Braun, Wed, Mar 09, 2005 at 12:06:45PM +0100 :
> Hi,
>
> >If I recall correctly, you can't limit per username on the router.
> >However, this is quite easy on most RADIUS servers I've seen, are
> >you authenticating your users via RADIUS?
> >
> >
> Yes, we authenticate the users with RADIUS(Radiator).
>
> Do you have an example configuration, maybe for an other RADIUS-Server?
On FreeRADIUS (and probably more), you use the Simultaneous-Use directive
in the user definition.
Eg.:
user1 Simultaneous-Use := 1, Auth-Type = LDAP
or:
user2 Simultaneous-Use := 1, Auth-Type = Local, Password = "cisco"
This can also be combined with other options, eg:
user3 Simultaneous-Use := 1, NAS-IP-Address == 192.168.1.1, Auth-Type = Local, Password = "cisco"
If you want to impose this limit for all your users, you can use a
default entry:
DEFAULT Simultaneous-Use := 1
Fall-Back = 1
The default entry can also have options (restrictions on what to match):
DEFAULT NAS-IP-Address == 192.168.1.1, Simultaneous-Use := 1
Fall-Back = 1
These examples are for FreeRADIUS, but I hope you can make something
out of it for Radiator...
--
Kristófer Sigurðsson | Tel: +354 525 4103 / MSN: ks at rhi.hi.is
Netsérfr./Network specialist | Reiknistofnun HÍ/University of Iceland
More information about the cisco-nsp
mailing list