[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-users
Subject:    Re: VRF config from v2 to v3
From:       Alan DeKok <aland () deployingradius ! com>
Date:       2021-08-23 15:27:20
Message-ID: 43D41E48-F060-4FD2-929D-26E80A333374 () deployingradius ! com
[Download RAW message or body]

On Aug 23, 2021, at 11:17 AM, Richard Mealing <richard@fastnet.co.uk> wrote:
> 'Basically' this - Cisco NAS's will kick users who assign a VRF after assigning an \
> IP address. The VRF must come first.

  OK.

> All users authenticate and radreply works apart from vrf users. We are using cisco \
> NAS. For example -  | 26726947 | someuser@myrealm | Framed-IP-Address | =  | \
> 192.168.173.100 	| | 26726948 | someuser@myrealm | Cisco-AVPair      | += | \
> ip:vrf-id=myVRF           | | 26726949 | someuser@myrealm | Cisco-AVPair      | += \
> | ip:ip-unnumbered=Loopback 19       | | 26726950 | someuser@myrealm | Cisco-AVPair \
> | += | ip:route=192.168.6.0 255.255.255.0 |

  That will work.

> This came up at the last minute so I have not had time to debug, I just wondered if \
> someone knew a quick fix! 

  Simple solutions are the best.

  The "extra" operators just aren't necessary.  i.e. It's not clear to my why people \
would create a configuration which does "add A, B, and C.  OOPS!  I forgot D!  Add it \
before A"

  Just create the configuration *correctly* in the first place.  It's ever so much \
easier.

  Alan DeKok.


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


[prev in list] [next in list] [prev in thread] [next in thread]