Hi all,

Here is the situation.

We have a freeradius server that receives autnetication/authorization
requests from multiple vpn servers.

For just CERTAIN servers we want to return a Framed-IP-Address via
radreply.

We would control the Framed-IP-Address return value (if any) via
Nas-Identifier parameter that we receive from the VPN servers.

So the logic of the process would be :

Receive auth request from VPN server
---> Authenticate/Authorize user (via radcheck, checking expiration
date, number of simultaneous logins ...). ---> If NAS-Identifier = X
then return (via radreply)  Framed-IP-Address=Y ---> If NAS-Identifier
= Z then return (via radreply)  Framed-IP-Address=W ---> otherwise
don't return a Framed-IP-Address

Is this possible somehow ?

We are using SQL module in freeradius.

Details :

Debian 5.0.4
freeradius 2.0.4+dfsg-6


Regards,


Pere

-- 
Pere Hospital, CISSP®, OSCP®
secWays
Security First

p: +34 933905455
m: +34 649827299
e: p...@secways.com
w: www.secways.com

PGP keyid: 0x100D35BDA0F669A8 
http://keyserver.pgp.com

Attachment: signature.asc
Description: PGP signature

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to