[rbak-nsp] CLIPS session in context depending on RADIUS
Arjan Van Der Oest
Arjan at voiceworks.nl
Tue Dec 21 18:05:41 EST 2010
Stefano/David,
Many thanks. I've deleted some parts of the config and substituted the pieces of Stefano. And now it works. I'm not exacty sure what is the change that fixed it, I saved all previous configs so I'll do some rolling-back and forward tomorrow and see what fixed it.
For now I can go to sleep, peacefully... Lots to do and learn tomorrow, SEOS is a strange platform. Not sure wether I'm going to love or hate it <eg>...
Merry christmas and thank you.
--
Met vriendelijke groet,
Arjan van der Oest
Senior Network & Systems Engineer / Security Officer
Voiceworks BV - Editiestraat 29 - 1321 NG Almere
Mobile : (+31) (0)36 7600 197
Voiceworks winnaar Gouden FD Gazelle Award 2010 http://bit.ly/eksf8V
On 21Dec, 2010, at 23:10 , David Freedman wrote:
> I think what Stefano is trying to say, is that there is currently no way in
> a context of specifying that AAA should come from another context.
>
> There is however a way of telling a context that it should refer the AAA to
> the settings in the global config (for instance, when the context itself is
> completely private and can't reach any AAA platforms of its own)
> In this case, you can have the AAA performed by the main box (global) and
> return the result to the asking context.
>
> When you configure the AAA for the whole box (global) you can specify a
> context through which the settings and reachability will be taken, in most
> cases, your box is managed via the local context (or a dedicated management
> context) and the radius servers and routing will be set up here (since, you
> can't actually configure radius servers outside of a context, give it a try)
>
> In Stefano's example, he is instructing you to point your user context
> (AUTHENTICATION) at "global" and to delegate that "global" uses the context
> called "local" for radius server settings and routing
>
>
> Dave.
>
> On 21/12/2010 19:51, "Arjan Van Der Oest" <Arjan at voiceworks.nl> wrote:
>
>> But all I'm able to configure global is a pointer to the local concept. There
>> is no AAA server configured in global config...
>
> --
>
> David Freedman
> Group Network Engineering
>
> david.freedman at uk.clara.net
> Tel +44 (0) 20 7685 8000
>
> Claranet Group
> 21 Southampton Row
> London - WC1B 5HA - UK
> http://www.claranet.com
>
> Company Registration: 3152737 - Place of registration: England
>
> All the information contained within this electronic message from Claranet
> Ltd is covered by the disclaimer at http://www.claranet.co.uk/disclaimer
>
>
More information about the redback-nsp
mailing list