[c-nsp] DSL PPPoE Static IP via RADIUS

Scott Lambert lambert at lambertfam.org
Tue Mar 7 16:03:14 EST 2006 

On Tue, Mar 07, 2006 at 02:40:53PM -0600, Jeremiah Millay wrote:
> Hello,
> I'm trying to set up Static IP leases from RADIUS to PPPoE clients. The 
> only way I can get the client a static IP at this point is via DHCP 
> using the client ID / hardware address.

I'm no expert but we do have a working setup.  We don't use DHCP on our
PPPoE clients.

> Here is a snippet of my current config:
> 
> interface Virtual-Template1
>  mtu 1492
>  ip unnumbered Loopback1
>  no logging event link-status
>  peer default ip address dhcp
>  ppp authentication chap
> !
> !
> ip address-pool dhcp-proxy-client
> ip dhcp-server X.X.X.X   ! This actually points to my router locally
> !
> !
> ip dhcp pool PPPOE             ! Main DHCP Pool
>    network X.X.X.X 255.255.255.0
>    dns-server X.X.X.X
>    default-router X.X.X.X
> !
> ip dhcp pool teststatic    ! A test static DHCP lease
>    host X.X.X.200 255.255.255.0
>    client-identifier 0067.6e61.7266.4072.6f63.6b72.6976.6572.2e6e.6574
>    dns-server X.X.X.X
>    default-router X.X.X.X
> 
> !
> ip dhcp excluded-address X.X.X.201
> !
> radius-server configure-nas
> radius-server host X.X.X.X auth-port 1645 acct-port 1646 key 7 
> XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
> 
> !

interface Virtual-Template3
 description PPPoE DSL
 mtu 1492
 ip unnumbered Loopback0
 no logging event link-status
 peer default ip address pool dsl
 ppp authentication pap callin

! normal dynamic IP users get ips from this pool
ip local pool dsl XXX.XXX.XXX.151 XXX.XXX.XXX.254

! 
ip domain-name ispdomain.tld
ip name-server XXX.XXX.XXX.Y
ip name-server YYY.YYY.YYY.X


The static IPs are assigned from outside that pool.  The static IPs are
only defined in RADIUS.

> 
> 
> Here is part of my radius config for a user:
> 
> someuser at domain.net   User-Password == "somepass"
>         Framed-Protocol = PPP,
>         Framed-Routing = None,
>         Framed-MTU = 1492,
>         Framed-Address = X.X.X.201,
>         Framed-Netmask = 255.255.255.0
> 
> (Note I've also tried 'Framed-IP-Address')

someuser  Auth-Type = System
        Service-Type = Framed-User,
        Framed-Protocol = PPP,
        Framed-Netmask = 255.255.255.255,
        Framed-Address = YYY.YYY.YYY.88

-- 
Scott Lambert                    KC5MLE                       Unix SysAdmin
lambert at lambertfam.org

More information about the cisco-nsp mailing list