> > Say, you want to leave aside one port or phone number for system
> > check and do not want to allow other users to access this
> > number. Only the system manager will be able to call and log in to
> > this number. Thanks for any suggestions, Masroor.
>
> You can configure the radius server to reject everyone who's NOT the
> admin.
>
> DEFAULT User-Name != "admin", Called-Station-Id = "5551212", Auth-
Type :=
> Reject
> Reply-Message = "You're not allowed to use this line"
Called-Station-Id won't work in Bangladesh, as the PSTN (T&T) switches don't
report the caller-id (phone number) to the nas. Even if your NAS has the
capability for caller id, as the PSTN is not reporting it, you are helpless,
unless you have an E1 connection to the PSTN.
One easy solution could be restrict the port for that specific NAS where the
phone line is plugged. You can try these:
admin NAS-IP-Address == "192.168.1.20", NAS-Port == "55", Auth-Type :=
Accept
Fall-Through = Yes
DEFAULT NAS-IP-Address == "192.168.1.20", NAS-Port == "55", Auth-Type :=
Reject
Reply-Message = "You're not allowed to use this line"
OR, in one statement it can be:
DEFAULT User-Name != "admin" NAS-IP-Address == "192.168.1.20", NAS-Port
== "55", Auth-Type := Reject
Reply-Message = "You're not allowed to use this line"
Regards,
Ziaur Rahman
CTO, Dhakacom Limited
www.dhakacom.com
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
