Is it possible to specify a range of IP addresses in a huntgroups file?
What I am trying to accomplish is:
1) AAA authentication to our Cisco devices using radius
2) Only allow people in a specific group to access the devices
3) Reject everyone else.
I am using the following:
huntgroups:
-------------------
netgear NAS-IP-Address == 172.20.120.75
users:
----------
[EMAIL PROTECTED] Auth-Type := Local, User-Password == "testing",
Huntgroup-Name == "netgear"
Service-Type = NAS-Prompt-User,
cisco-avpair = "shell:priv-lvl=15"
DEFAULT Auth-Type := Reject, Huntgroup-Name == "netgear"
Reply-Message = "Not Authorized to access this gear"
This works just fine, but we have well over 600 devices. If at all
possible I would like to specify network ranges instead of individual
IP addresses in the huntgroups file (similar to what I can do in the
clients.conf file). Is this possible? If it is not possible in the
huntgroups is there a better way to do what I want to accomplish?
Thanks in advance!
--
Jason E. Murray
[EMAIL PROTECTED]
http://unixhosts.us/
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
