[Chilli] CoovaChilli and dhcpgateway
Anatoly Oreshkin
Anatoly.Oreshkin at pnpi.spb.ru
Wed Mar 31 07:20:03 UTC 2010
You misunderstood me.
I would like wireless clients to get addresses from external dhcp server,
not from chilli. With dhcpgateway specified chilli relays dhcp request
to our dhcp server which assigns address to client from pool.
At the same time chilli itself assigns address to client.
For example, dhcpserver assigns address 10.2.3.7 but chilli assigns
10.2.3.45 and as I think, wants to work with client having address
10.2.3.45.
Really client has address 10.2.3.7 and I guess, because of
this a client can't authenticate through chilli.
How to make chilli not assign addresses itself but get from external
dhcp server ? Is it possible at all ?
We need external dhcp server also for wire clients.
My main idea is the following:
At present we have 3Com APs configured with security WPA2/AES
EAP-PEAP-MSCHAPv2
and authentication is performed via radius server. Wireless clients get
their fixed addresses from dhcp server by their MAC addresses.
Also we need temporary wireless connections (for workshops, conferences
...) using UAM authentication regardless of MAC addresses, only with
login and password.
So we would like to use the same APs for UAM authenticaton too using chilli
at the same time preserving secure authentication in secure SSID for
permanent clients.
For this end we configure on each AP second SSID but without security.
Temporary clients should connect to this insecure SSID, get
addresses from pool regardless of MAC addresses and authenticate through
chilli using UAM.
Any hints, ideas.
Thanks.
> Are you also using uamanyip? If so, try without.
>
>
> On Tue, 2010-03-30 at 19:50 +0400, Anatoly Oreshkin wrote:
>> Hello,
>>
>> My coovachili has such configuration:
>>
>> HS_WANIF=eth0 (195.19.214.216)
>> HS_LANIF=eth1
>> HS_NETWORK=10.2.3.0
>> HS_NETMASK=255.255.255.0
>> HS_UAMLISTEN=10.2.3.1
>>
>> I've configured coovachilli with dhcpgateway in order to get ip
>> addresses
>> for clients from external dhcp server. For this goal I've specified in
>> local.conf
>>
>> dhcpgateway=212.193.96.134 (external dhcp address)
>> dhcpgatewayport=67
>> dhcprelayagent=195.19.214.216 (chilli eth0 address)
>>
>> DHCP server is configured as:
>> subnet 10.2.3.0 netmask 255.255.255.0 {
>> option routers 10.2.3.1;
>> option subnet-mask 255.255.255.0;
>> range 10.2.3.2 10.2.3.254;
>> ...
>> }
>>
>> On chilli server in /var/log/messages I see
>>
>> New DHCP request from MAC=00-16-EA-8A-DE-38
>> Client MAC=00-16-EA-8A-DE-38 assigned IP 10.2.3.53
>>
>> On dhcp server in /var/log/messages I see
>>
>> DHCPDISCOVER from 00:16:ea:8a:de:38 via 195.19.214.216
>> DHCPOFFER on 10.2.3.2 to 00:16:ea:8a:de:38 (csd-notebook) via
>> 195.19.214.216
>> DHCPREQUEST for 10.2.3.2 (10.2.3.1) from 00:16:ea:8a:de:38 via
>> 195.19.214.216
>> DHCPACK on 10.2.3.2 to 00:16:ea:8a:de:38 via 195.19.214.216
>>
>> On client I see configuration
>> IP-address: 10.2.3.2
>> network mask: 255.255.255.0
>> gateway: 10.2.3.1
>> dhcp server: 10.2.3.1
>>
>> That is the client have got ip address from dhcp server rather than from
>> chilli. As the consequence of this the client could not authenticate
>> through
>> chilli.
>>
>> What is wrong ? What purpose is dhcpgateway designed for ?
>>
>> Thanks.
>>
>>
>>
>>
>>
>>
>>
>> _______________________________________________
>> Chilli mailing list
>> Chilli at coova.org
>> http://lists.coova.org/cgi-bin/mailman/listinfo/chilli
>
>
More information about the Chilli
mailing list