Brian Pavane <[EMAIL PROTECTED]> wrote:
> My goal is to be able to have users login into the Extreme as either
> normal (non enable/administrative) or with full configuration access.
So the NAS needs to tell the RADIUS server what it wants. See
'Service-Type' in the dictionary, or in:
http://www.freeradius.org/rfc/attributes.html
> bpavane@s01 [11:15 etc 21] tcsh# cat raddb/users
> brian Password="test123"
> Service-Type="1",
> filter-Id="unlim"
Hmm... you probably DO want spaces in the 'users' file entry. See
the one shipped with the server for more examples.
> rad_recv: Access-Request packet from host 64.xx.xx.161:1026, id=197,
> length=57
> User-Name = "brian"
> User-Password =
> "\336B\366e\216\036\356\031\264\337z\356\310s\037-"
> NAS-IP-Address = 10.1.2.105
> Service-Type = Login-User
That's it. The NAS *must* send Service-Type = Administrative-User
for, well, asdministrative users....
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
