"Saunders, Shawn" <[EMAIL PROTECTED]> wrote: > I would like to configure Freeradius to house the DACLs as the department > that directly manages our PIX will not put them on the PIX. But they will > point the PIX to our RADIUS server for authentication of VPN sessions.
You need to consult your PIX documentation to see how it expects to receive the DACL's from the RADIUS server. Once you know that, the configuration of FreeRADIUS should become much more obvious. > I would also like on some users to be able to limit the machines they have > access to (on our internal network) from their VPN connection. RADIUS doesn't do that, the PIX does. > I am new to this list and freeradius, sorry for the lack of info in the > previous post. I would appreciate some advise, if you need additional info, > constructive questions of what type of information would be helpful. First decide what information the PIX needs, and in what format. Then, configure FreeRADIUS to send that information. If you're trying to configure FreeRADIUS without knowing what the PIX needs, you will *never* make it work. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
