Restricting access by device

Tue, 14 Dec 2004 14:46:33 -0800

Excuse me if this is a simple question but I'm relatively new to RADIUS. I'm running FreeRADIUS 1.0.0 with LDAP authentication to provide AAA for our wireless network and cisco dial in server. I would like to restrict access by the device so that users are required to be in a certain group before they're allowed access to the dial in server but any valid LDAP username/password would work for the wireless network.

Ideally the RADIUS server could just use an LDAP group for this, such as requiring users authenticating from 192.168.5.5 to be a member of the group "cn=dialinusers,ou=radiusgroups". If there's some way to specify this in the users file or other RADIUS config file that would be less ideal but equally effective.

If this hasn't been done, is there any interest in collaborating on a patch?

Thanks,
Paul


- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to