Daniel Wells wrote:
> To get the Novell client to log in successfully over a juniper
> dynamic-vpn, apparently I need the radius server to pass the
> attributes "Juniper-primary-dns" and "juniper-secondary-dns" to the
> Juniper device making the requests of the radius server. I am
> currently using the freeradius that ships with OES 2 sp1. I have
> authentication against the radius server (integrated with eDir)
> working. But I am clueless as to how the above attributes are to be
> passed and I haven't been able to google anything useful so far.
>
> Could someone knowledgeable with freeradius in a novell environment,
> point me in the right direction?

It doesn't have much to do with eDir but I found this link:
http://www.google.com.au/url?sa=t&so...ed=0CAcQFjAA&url=http%3A%2F%2Fwww.procurve.com%2FNR%2Frdonlyres%2F06538B80-6DB0-4AC6-893E-8E8E12A180C6%2F0%2FConfiguringFreeRADIUSwithIDMbyExample_Dec_07_WW_Eng_Ltr.pdf&rct=j&q=freeradius+vendor+specific+attributes+config+by+example+procurve&ei=dXbySvTdNJGo6APP-pUM&usg=AFQjCNG2ojgpiCH213MKfbJz88WE7NHlEQ
It describes that you can add the VCA's in a 'profile' I believe.
Something like:

myuser  User-Password=="mypass"
        Reply-Message = "welcome to the jungle.",
        Tunnel-Medium-Type = 6,
        Tunnel-Type = VLAN,
        Tunnel-Private-Group-ID = 100,
        HP-nas-filter-rule = "permit in icmp from any to any cnt",
        HP-nas-filter-rule += "permit in udp from any to any 68 cnt",
        HP-nas-filter-rule += "permit in udp from any to any 67 cnt",
        HP-nas-filter-rule += "permit in udp from any to any 53 cnt",
        HP-nas-filter-rule += "permit in tcp from any to any 8080 cnt"

Where the lines starting with HP are vendor specific attributes. I
read though that they have to exist in a dictionary or something.
--
Cheers,
Edward
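
Added example, not part of the original posts: a small check that every reply attribute in a users-file entry is defined in the dictionary text the server loads, which is the dependency the reply mentions. The dictionary and users snippets are constructed samples; the Juniper attribute number and the 192.0.2.x addresses are assumptions for illustration, so take the real definitions from the Juniper dictionary file shipped with your FreeRADIUS.

```python
import re

# Constructed sample in FreeRADIUS dictionary syntax. 2636 is Juniper's IANA
# enterprise number; attribute number 31 is an assumption for illustration.
# Juniper-Secondary-Dns is deliberately left out to show the failure case.
SAMPLE_DICTIONARY = """\
ATTRIBUTE    Reply-Message          18  string
VENDOR       Juniper                2636
BEGIN-VENDOR Juniper
ATTRIBUTE    Juniper-Primary-Dns    31  ipaddr   # number assumed
END-VENDOR   Juniper
"""

# Constructed users-file entry: check items on the first line, reply items
# on the indented lines that follow.
SAMPLE_USERS = """\
myuser  User-Password == "mypass"
        Reply-Message = "welcome",
        Juniper-Primary-Dns = 192.0.2.53,
        Juniper-Secondary-Dns = 192.0.2.54
"""

# An indented line that starts with "<Attribute-Name> <operator>".
REPLY_ITEM = re.compile(r"^\s+([A-Za-z0-9_.-]+)\s*(\+=|:=|==|=)")


def dictionary_names(dict_text):
    """Return the lower-cased names defined by ATTRIBUTE lines."""
    names = set()
    for line in dict_text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop trailing comments
        if len(fields) >= 4 and fields[0].upper() == "ATTRIBUTE":
            names.add(fields[1].lower())
    return names


def undefined_reply_attributes(users_text, dict_text):
    """List reply attributes (in order, no repeats) missing from the dictionary."""
    known = dictionary_names(dict_text)
    missing = []
    for line in users_text.splitlines():
        m = REPLY_ITEM.match(line)
        if m and m.group(1).lower() not in known and m.group(1) not in missing:
            missing.append(m.group(1))
    return missing


if __name__ == "__main__":
    for name in undefined_reply_attributes(SAMPLE_USERS, SAMPLE_DICTIONARY):
        print("not in dictionary:", name)
```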