Re: Radius question

• Previous message: InvictaNet Customer Support: "Radius question"
• In reply to: InvictaNet Customer Support: "Radius question"
• Next in thread: Steve Lalonde: "Re: Radius question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: InvictaNet Customer Support <support@invictanet.co.uk>
Date: Fri, 27 Jun 2003 23:17:02 +0100 (IST)

The AS5300 can do this directly - without the need for the proxy
radius server. Google for 'aaa dnis map enable' for examples of
how to configure it. But that may not scale well - e.g. having
to add/remove/change a phone number/radius server on lots of
individual AS5300s.

IIRC FreeRadius also provides this functionality so running it
on the proxy radius server should also work for you. Various
other radiusd's may also support this.

Rgds,

Dave

> Can anyone help please?
>
> I've seen this done a while back and would like to know how...
>
> Dialup system
> to
> Proxy Radius
> to
> Various radius servers using a variety of os/radius software.
>
> The proxy radius splits the incoming auth requests using the tel number that
> the customer has dialled e.g.
> Customer 1 dials 0845 123456 and the auth request goes to radius server
> xx.ww.ee.rr
> Customer 2 dials 0845 123457 and the auth request goes to radius server
> xx.ww.ee.gg
> Customer 3 dials 0845 123458 and the auth request goes to radius server
> xx.ww.rr.dd
> etc..
>
> We are using Cisco AS5300 for dialup and raddb as the proxy radius and would
> like to split in this way as it requires no config by the customer. At
> present, we split using realms but our highly advanced customers don't seem
> to be able to get the realm name right all the time.....
>
>
>
> Martyn Routley
> -----------------------------------------------------------------
> InvictaNet - The Internet in Plain English, Guaranteed
> http://www.invictanet.co.uk
> martyn@support.invictanet.co.uk
> phone: 08707 440180
> fax: 08707 440181
> Ask us about our online Antivirus and Junk mail scanning service
> -----------------------------------------------------------------
>
> _______________________________________________
> freebsd-isp@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-isp
> To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"
>
_______________________________________________
freebsd-isp@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"

• Previous message: InvictaNet Customer Support: "Radius question"
• In reply to: InvictaNet Customer Support: "Radius question"
• Next in thread: Steve Lalonde: "Re: Radius question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: IAS Proxy - adding reply attributes ... The proxy will add both. ... > We are using Activcard to authenticate users, but I can't seem to be> able to get Activcard to supply the correct RADIUS reply attributes,> with the result that the PPTP connection attempts fail. ... > What I need to find out is: can IAS proxy requests to the Activcard> RADIUS server, and then add RADIUS-reply attributes to the replies that> get sent back to my Cisco PIX firewall? ... Or will it only send back the> attributes that come from the Activcard RADIUS server? ... (microsoft.public.internet.radius) Using RADIUS with multiple proxy sources ... I'm interested in best practices or past experiences setting up RADIUS ... I can set up a RADIUS server to proxy the login request to a token ... (comp.security.misc) Using RADIUS with multiple proxies ... I'm interested in best practices or past experiences setting up RADIUS ... I can set up a RADIUS server to proxy the login request to a token ... (comp.security.firewalls) Radius question ... The proxy radius splits the incoming auth requests using the tel number that ... Customer 1 dials 0845 123456 and the auth request goes to radius server ... (freebsd-isp)