Techniques for assigning a network address to a host are based on
authentication for a connection between the host and an intermediate
device. One approach involves receiving first data at the intermediate
device from an authentication and authorization server in response to a
request for authentication for the connection. The first data indicates
at least some of authentication and authorization information. A
configuration request message from the host is also received at the
intermediate device. A second message is generated based on the
configuration request message and the first data and is sent to a
configuration server that provides the logical network address for the
host. The configuration server provides the logical network address based
on authorization and authentication information. The logical network
address is thus based on the user, e.g., to limit access by the user to
the Internet and other services.