Re: Dynamic IP Pool with IAS and Third-party NAS

---

• From: "James McIllece [MS]" <jamesmci@xxxxxxxxxxxxxxxxxxxx>
• Date: Tue, 14 Nov 2006 17:19:16 -0800

---

"James McIllece [MS]" <jamesmci@xxxxxxxxxxxxxxxxxxxx> wrote in
news:Xns987B972F9310Bjamesmcionlinemicros@xxxxxxxxxxxxx:

"ericstraw@xxxxxxxxx" <ericstraw@xxxxxxxxx> wrote in
news:1163425845.709523.25120@xxxxxxxxxxxxxxxxxxxxxxxxxxxx:

Hello, I am needing to set up a Radius server that is capable of
providing both static and dynamic IP addresses to clients that are
authenticating to a third-party NAS at an ISP. The IAS servers are
able to successfully authenticate and provide static addresses to the
clients connecting to the NAS, but I am unable to configure IAS to
provide a dynamic address from a pool. The NAS will not provide an
IP pool so I need Radius to assign an address from the IP pool and
return it in the framed-ip-address attribute.

My main question is whether this a possibility using IAS and if so
would someone have insight on how to go about doing this?

Best Regards,
Eric

Hi Eric --

I asked the product team about this and here is the response I have
received from them:

"...IAS can provide an IP address (if defined on user properties in
SAM/AD) or an IP-pool tag - this is NAS specific. It's up to the NAS
to assign an IP address based on IP-pool tag. I don't think IAS can
obtain an IP address from DHCP (for the user) and then assign that to
user (send in Access- Accept packet)."

You might also find this KB article for Windows Server 2000 interesting:

279101 How to Set the Framed IP Address Attribute in Windows 2000 Internet
Authentication Service
http://support.microsoft.com/default.aspx?scid=kb;EN-US;279101

--
James McIllece, Microsoft

Please do not send email directly to this alias. This is my online account
name for newsgroup participation only.

This posting is provided "AS IS" with no warranties, and confers no rights.
.

---

• References:
  • Dynamic IP Pool with IAS and Third-party NAS
    • From: ericstraw@xxxxxxxxx
  • Re: Dynamic IP Pool with IAS and Third-party NAS
    • From: James McIllece [MS]

• Prev by Date: Re: Dynamic IP Pool with IAS and Third-party NAS
• Next by Date: GPO and WLAN settings in Windows2000server
• Previous by thread: Re: Dynamic IP Pool with IAS and Third-party NAS
• Next by thread: Licensing?
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: IAS Authentication based on AD OU ... > remote access policy to just one OU? ... you can do this with IAS. ... connecting through a specific NAS. ... Add the NAS-IP-Address attribute in the RAP policy conditions, ... (microsoft.public.internet.radius) Re: Dynamic IP Pool with IAS and Third-party NAS ... providing both static and dynamic IP addresses to clients that are ... authenticating to a third-party NAS at an ISP. ... The IAS servers are ... able to successfully authenticate and provide static addresses to the ... (microsoft.public.internet.radius) Re: remote access policy profile filtering ... It's the responsibility of the NAS to apply these (not IAS). ... ACL's to PIX through Cisco AV pairs. ... (microsoft.public.internet.radius) Re: ?IAS? ... IAS can assign static IP addresses (which may or may not be honored by the ... IAS doesn't handout DHCP addresses, nor can it assign IP addresses(from a ... Force NAS to supply IP Address ... > Is it possible to use IAS for a client to authenticate to a server to get an> IP address from DHCP on a LAN? ... (microsoft.public.win2000.networking) Locking down IAS and NAS ... Ive got large W2K3 IAS setup authenticating all kinds of logins. ... Currently IAS autheticates users logging into Cisco Routers and ... Swithces via telnet or SSH to admin the box, ... (microsoft.public.internet.radius)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Internet  > microsoft.public.internet.radius  > 2006-11