On Thu, 20 Feb 2003, Joseph Raviele wrote:
> I am currently running FreeRadius 0.8.1 on RedHat 8.0. I have it working to
> authenticate any user against an iPlanet LDAP server, if the username and
> password are right it returns an accept and the user is all set. What I
> would like to do is tie our 2 Cisco VPN servers into this using a
> pre-existing LDAP attribute. Any user with the proper name and password gets
> dial in access, but only users with "x121address=yes" (generic pre-existing
> attribute we chose) get VPN access. I have read through the mail list
> archives, searched on the web and tried all of the suggested different ways
> and none of them seem to work. I have tried multiple instances of ldap, one
> with the attribute and one without. I have tried using autz-type. Is it
> possible for someone a little more knowledgeable to point me in the right
> direction. It seems as though it should just work with a few small changes
> to the radiusd.conf and users file. Thanks in advance for your time and
> help.
>
> - Joe
users file:
DEFAULT NAS-IP-Address == My.VPN.Server.Ip, Autz-Type := VPN_LDAP
ldap VPN_LDAP {
[...]
filter = "(&(uid=%{Stripped-User-Name:-%{User-Name}})(x121address=yes))"
}
blah blah blah
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
--
Kostas Kalevras Network Operations Center
[EMAIL PROTECTED] National Technical University of Athens, Greece
Work Phone: +30 210 7721861
'Go back to the shadow' Gandalf
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
