[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-users
Subject:    DHCP 82 Option Controls
From:       Maile Halatuituia <maile.halatuituia () tcc ! to>
Date:       2019-11-21 19:03:39
Message-ID: 2876896c7d8d4fe7a6c026acbd2eedd4 () mail ! tcc ! to
[Download RAW message or body]

Hi I have this send to my FreeRadius Server from a BRAS that serves as a DHCP Server \
for Clients. I want to authorize my user using their phones number as send by the \
BRAS as the Calling-Station-Id below. I understand that I can't authenticate as this \
is DHCP, please correct me if I am wrong compare to PPPoE.

From BRAS to FreeRadius Server

BRAS (Cisco ASR 1001) -->  Freeradius Version 3.0.15


*Nov 21 14:28:36: RADIUS:  User-Name           [1]   10  "67624029"
Nov 21 14:28:36: RADIUS:  User-Password       [2]   18
*Nov 21 14:28:36: RADIUS:  Calling-Station-Id  [31]  10  "67624029"
*Nov 21 14:28:36: RADIUS:  NAS-Port-Type       [61]  6   Virtual                   \
                [5]
*Nov 21 14:28:36: RADIUS:  NAS-Port            [5]   6   0
*Nov 21 14:28:36: RADIUS:  NAS-Port-Id         [87]  35  "NUK-MSAN4 atm \
                16/13:0.34:67624029"
*Nov 21 14:28:36: RADIUS:  Vendor, Cisco       [26]  47
*Nov 21 14:28:36: RADIUS:   Cisco AVpair       [1]   41  "circuit-id-tag=NUK-MSAN4 \
                atm 16/13:0.34"
*Nov 21 14:28:36: RADIUS:  Vendor, Cisco       [26]  30
*Nov 21 14:28:36: RADIUS:   Cisco AVpair       [1]   24  "remote-id-tag=67624029"
*Nov 21 14:28:36: RADIUS:  Service-Type        [6]   6   Outbound                  \
                [5]
*Nov 21 14:28:36: RADIUS:  NAS-IP-Address      [4]   6   10.254.36.225
*Nov 21 14:28:36: RADIUS:  Acct-Session-Id     [44]  18  "0000000000000146"
*Nov 21 14:28:36: RADIUS:  Nas-Identifier      [32]  21  "HA_BNG3.kalianet.to"
*Nov 21 14:28:36: RADIUS:  Event-Timestamp     [55]  6   1574299716

My Default Server Control Portion.
This is the portion I believe it is relate to this where I attach some realm in this \
case (prepaid.to) . if ( &WiMAX-BS-Id ) {
                perl
                mschap
        }
        else {
        if ( &Calling-Station-Id ) {
                update request {
                &User-Name := "%{%{Stripped-User-name}:-%{User-Name}}@prepaid.to"
                }
                        ### for keyed-balance
                update control {
                        &Load-Balance-Key := "%{Calling-Station-Id}"
                }
        }
        else {
                if ( &User-Name !~ /\@/ ){
                update request {
                        &User-Name := "%{User-Name}@kalianet.to"
                }
                }
        }

I am not sure I have this as a valid start or this does something other than what I \
want to achieve. My problem I can summarise on these two points.


  1.  First how can I use my Calling Station to authorize the DHCP Clients. ???
  2.  Secondly if possible to do Authentication with Calling-Station-Id before \
address assigned to the Customer.??? Attached is the Debug File.



Confidentiality Notice: This email (including any attachment) is intended for \
internal use only. Any unauthorized use, dissemination or copying of the content is \
prohibited. If you are not the intended recipient and have received this e-mail in \
error, please notify the sender by email and delete this email and any attachment.


["DEBUG.RADIUS" (application/octet-stream)]
[Attachment #4 (text/plain)]

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

[prev in list] [next in list] [prev in thread] [next in thread]