Community discussions

 
User avatar
NAB
Trainer
Trainer
Topic Author
Posts: 503
Joined: Tue Feb 10, 2009 4:08 pm
Location: UK
Contact:

RADIUS and service types...

Thu Mar 06, 2014 11:19 am

I have a problem. We have a RB which acts as a concentrator/LNS and uses RADIUS.

We have some people connecting who should only use L2TP, some who may use SSTP or L2TP and some who may use PPTP

Using RADIUS, is there a way of limiting the service type permitted for a specific user? I've done a load of debugging and cannot see the requested service type being passed to RADIUS, so I am unable to do a radcheck against something like a Service-Type attribute. For information, this is what I receive on a vanilla L2TP connection request:
Service-Type = Framed-User
Framed-Protocol = PPP
NAS-Port = 36292
NAS-Port-Type = Virtual
User-Name = "bsjtf4ju7txfka"
Calling-Station-Id = "10.2.255.1"
Called-Station-Id = "10.2.255.254"
MS-CHAP-Challenge = 0x8ebe3fffb7892da507bd5c2253
MS-CHAP2-Response = 0x0100d745c723c3267b82423c32e955bc56acc1d1918457d0
NAS-Identifier = "Sydney"
NAS-IP-Address = 10.2.255.254
Is the only way of doing this to have separate boxes each supporting only specific tunnel mechanisms?
Nicholas Barnes BSc(hons)
Certified Mikrotik Consultant
Certified Mikrotik Trainer

Vitell - Asterisk, Linux and network consultants
Unofficial IRC channel: #routerboard on irc.z.je

Who is online

Users browsing this forum: No registered users and 106 guests