pershendetje/Hi dashamir. sorry for my english , not my mother language.
i use the same scenario at our isp but we check the MAC address of the NAS where the client comes from. In mysql we have: +----+----------+--------------------+----+--------------+ | id | username | attribute | op | value | +----+----------+--------------------+----+--------------+ | 1 | orion | Calling-Station-Id | == | 001bd136e285 | | 2 | orioni | Cleartext-Password | := | test | | 3 | orioni | Simultaneous-Use | := | 2 | +----+----------+--------------------+----+--------------+ shnet e pare / bye. On 17/01/2008, Dashamir Hoxha <[EMAIL PROTECTED]> wrote: > > Hi, > > Actually, what I am trying to do is this: > I have several access points that have hotspot > and use radius for AAA. I would like to register > users in radius so that they are able to login > using some of the access points, and not able to > login using the others. > > The way that I was trying to do it is like this: > Suppose that there are the access points A1, A2, A3 > and the user 'test' should be able to access the > internet only from A1 and A3. The data in radius > that would make this scenario work, could be like this: > > radcheck: > +------+----------+------------------+----+-------+ > | id | UserName | Attribute | op | Value | > +------+----------+------------------+----+-------+ > | 5272 | test | User-Password | := | test | > | 5262 | test | Simultaneous-Use | := | 5 | > +------+----------+------------------+----+-------+ > > radreply: > +----+----------+---------------+----+----------+ > | id | UserName | Attribute | op | Value | > +----+----------+---------------+----+----------+ > | 42 | test | Auth-Type | := | Reject | > | 43 | test | Fall-Through | := | Yes | > +----+----------+---------------+----+----------+ > > usergroup: > +----------+-----------+----------+ > | UserName | GroupName | priority | > +----------+-----------+----------+ > | test | A1 | 1 | > | test | A2 | 1 | > | test | A3 | 1 | > +----------+-----------+----------+ > > radgroupcheck: > +----+-----------+----------------+----+-------+ > | id | GroupName | Attribute | op | Value | > +----+-----------+----------------+----+-------+ > | 42 | A1 | NAS-Identifier | == | ID-A1 | > | 43 | A2 | NAS-Identifier | == | ID-A2 | > | 44 | A2 | NAS-Identifier | == | ID-A3 | > +----+-----------+----------------+----+-------+ > > radgroupreply: > +----+-----------+---------------+----+--------+ > | id | GroupName | Attribute | op | Value | > +----+-----------+---------------+----+--------+ > | 52 | A1 | Auth-Type | := | Accept | > | 53 | A1 | Fall-Through | := | No | > | 54 | A2 | Auth-Type | := | Reject | > | 55 | A2 | Fall-Through | := | Yes | > | 56 | A3 | Auth-Type | := | Accept | > | 57 | A3 | Fall-Through | := | No | > +----+-----------+---------------+----+--------+ > > However, if the radius does not follow the algorithm > described in http://wiki.freeradius.org/Rlm_sql, > then this setup should not work. > > Do you have any suggestion or idea on how to make the > scenario above work? > > Regards, > Dashamir > > > Dashamir Hoxha wrote: > > I have installed freeradius-1.1.7 in fedora8. However I find that the > > module > > rlm_sql does not work as described in this page: > > http://wiki.freeradius.org/Rlm_sql > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html