This works great, thanks!
And here's a note for anyone searching the archives...
Add localhost with different ports to the huntgroups used to select Autz-Types, and you have testing made easy!
dialup NAS-IP-Address == 127.0.0.1, NAS-Port == 0 dsl NAS-IP-Address == 127.0.0.1, NAS-Port == 1
-- Omniflux
Mitchell, Michael J wrote:
Is it possibly to use different SQL authorize check queries based on the NAS the request is coming from?
Yep, sure is.
What you need to do is define multiple sql module instances in the modules section of radiusd.conf (eg include multiple sql.conf files):
sql sql1 { blah = ... }
sql sql2 { blah = ... }
In the authorize section of radiusd.conf you need to specify the Autz-Type to use to call each of the sqlx modules, eg:
preprocess files
...
Autz-Type SQL1 { sql1 }
Autz-Type SQL2 { sql2 }
Finally, in the users file define the conditions that will cause each of the Autz-Types to be set, eg:
DEFAULT Client-IP-Address == "123.123.123.123", Autz-Type := sql1 DEFAULT Huntgroup == "dsl", Autz-Type := sql12
etc...
The authorize section is possibly parsed twice, once with Autz-Type not set, and the second time with Autz-Type set (if required I think)
Hope that helps, Mike
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
