Secure ACS 5 for IP address assignment via RADIUS?

markuswirth85 · ‎01-14-2013

Hey there!

I want to use RADIUS (of Secure ACS 5.3) to authenticate users within an ISP environment. Users log connect to a network using a point to point connection (L2) and then they are sending a RADIUS request to get IP adresses. Secure ACS is not quite easy to look through in that case.

Anyone has an idea?

I want to handover the following IETF values:

Framed ID

Framed Subnet Mask

Framed Route

that should be enough I think.

Thanks in advane for any help!

Regard!

Markus

Amjad Abdullah · ‎01-15-2013

Hi,

I have a qeustion? what is the device that sends the RADIUS request?

That devices must be added in the devices list in the RADIUS server, so waht is that device in your scenario?

Rating useful replies is more useful than saying "Thank you"

markuswirth85 · ‎01-15-2013

Hi!

It deals with mobile devices. Mobile devices logon to a ISP network via APN and then they send a request for an ip address to the ISP radius, which then sends the relay to my server.

Regards!

Markus

Amjad Abdullah · ‎01-16-2013

If the ISP radius forwards the requests to you then the ISP RADIUS server must be added as a NAS in your ACS so it can authenticate against your ACS server.

You must know what type of authenticaion protocol the ISP RADIUS uses (PAP, CHAP...etc) to send the request to your ACS and enable that type on the service request you create on your ACS.

You create the policy normally and in the authorization profile for the successfully authenticated users you must assign the attributes you mentioned above.