>It looks like I'm interested in the 'Realm' or 'Proxy-To-Realm'
>attributes, but I'm not sure where to put them. I think that
>I'd have to do this in the users file, but I'm not sure if
>that is too late in the process. Maybe something along these lines:
>
> DEFAULT Huntgroup-Name == "cisco-router-user"
> Proxy-To-Realm = "sybase.com"
>
Close... try
DEFAULT Huntgroup-Name == "cisco-router-user", Proxy-To-Realm :=
"sybase.com"
or
DEFAULT Huntgroup-Name == "cisco-router-user", Realm :=
"sybase.com"
Sorry, I'm not sure which one you need. But the second one is probably
only useful if your authorize section is processing the "realm" module.
Putting the attributes on the first line tells freeRADIUS to add the
attributes to the RADIUS request, whereas the following lines are used
to add attributes to the RADIUS reply.
>
>The rational behind what I'm trying to do is that I might have
>a cisco AS5300 with ISDN and Async lines as well as telnet/ssh
>access. And the goal is to limit who can telnet/ssh to this
>box while not limiting who can dial into the box, but having a
>desire that the people dialing into the box have to use a
>tokens instead of password.
>
Not sure about this bit...maybe someone else can answer that.
Hope that helps,
Mike
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
