Disable unknown IP Address pool from Authentication

IPoE related questions
Post Reply
anarayan20000
Posts: 13
Joined: 01 Dec 2015, 09:38

Disable unknown IP Address pool from Authentication

Post by anarayan20000 »

Hi,

My Config..

[ipoe]
verbose=100
username=lua:username
lua-file=/etc/accel-ppp.lua
lease-time=60
max-lease-time=60
gw-ip-address=10.13.24.1/24
nat=0
proxy-arp=0
shared=1
ifcfg=1
mode=L2
interface=eth3,start=up,start=dhcpv4,mode=L2

I should get request from only 10.13.24.0/24 for AAA authentication, But I see authentication from all other networks, not specified on gw-ip-address.

log..

[2016-08-01 20:09:19]: info: ipoe1: create interface ipoe1 parent eth2.822
[2016-08-01 20:09:19]: debug: ipoe1: radius(1): req_enter 2
[2016-08-01 20:09:19]: info: ipoe1: send [RADIUS(1) Access-Request id=1 <User-Name "10.11.73.225"> <NAS-Identifier "test"> <NAS-IP-Address 192.168.10.50> <NAS-Port 86459> <NAS-Port-Id "ipoe1"> <NAS-Port-Type Ethernet> <Calling-Station-Id "0c:c4:7a:50:32:05"> <Called-Station-Id "eth2.822"> <Framed-IP-Address 10.11.73.225> <User-Password >]
[2016-08-01 20:09:20]: debug: ipoe1: radius(1): req_exit 1
[2016-08-01 20:09:20]: info: ipoe1: recv [RADIUS(1) Access-Reject id=1 <Reply-Message "Wrong user">]
[2016-08-01 20:09:20]: warn: ipoe1: authentication failed
[2016-08-01 20:09:20]: debug: libnetlink: RTNETLINK answers: No such file or directory
[2016-08-01 20:09:20]: debug: ipoe1: terminate
[2016-08-01 20:09:20]: info: ipoe1: ipoe: session finished

how do I stop request from unknown IP pool to hit for authentication.

Thanks
A Narayan
anarayan20000
Posts: 13
Joined: 01 Dec 2015, 09:38

Re: Disable unknown IP Address pool from Authentication

Post by anarayan20000 »

Hi,

I know i can use local-net, but is there any way I can stop unknown ip address on accel-ppp by default.
local-net=10.0.0.0/8

Thanks and regards
A Narayan
Dmitry
Администратор
Posts: 954
Joined: 09 Oct 2014, 10:06

Re: Disable unknown IP Address pool from Authentication

Post by Dmitry »

hi,
no, there is no way to exclude some kind of traffic, any traffic on specified interfaces is assumed as client traffic
Post Reply