Having problems getting access reject to work, seems like no matter what I
try it lets this test user on in every realm
I am using cistron compat to accommodate my userfile inputted by rodopi
dialuptest Password = "secret"
Framed-Protocol = PPP,
Service-Type = Framed-User,
Session-Timeout = 14400,
Ascend-Data-Filter = "ip in forward tcp est",
Ascend-Data-Filter = "ip in forward dstip 0.0.0.0/24",
Ascend-Data-Filter = "ip in drop tcp dstport = 25",
Ascend-Data-Filter = "ip in forward",
Port-Limit = 1,
Realm = "foo.net", Auth-Type = Reject
I have tried adding the ! and : symbol in the above line (makes no
difference)
Still can login on all three realms
Also have tried the realm item as a check item, quote, and no options with
same results
If a check item its placed on same line as username etc but still no go as
below example
dialuptest Password = "secret" Realm = "foo.net", Auth-Type =
Reject
Jeff
-----Original Message-----
From: [email protected]
[mailto:[email protected]] On
Behalf Of Chris
Sent: Sunday, February 14, 2010 12:33 PM
To: FreeRadius users mailing list
Subject: Re: Allowing user from one realm but not another
On Feb 14, 2010, at 6:11 AM, Jeff A wrote:
> Your idea is best.
> I think I will modify, but for a work around till I get a chance to get
> everything turned around.
> I will use Alan's example..
>
> My question is this
> Can his example contain more than one realm to reject between the quotes?
>
> bob Realm != "foo.net", Auth-Type := Reject
>
That's not the realm you're rejecting, but the one you're accepting,
rejecting access if the username is "bob" and the realm is not equal to
"foo.net."
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
