hi, a quick glance at your question and i'd say you be better off using simple entries in the users file - simple check items (use huntgroups for your NAS addresses) with LDAP groups.
match the good stuff, set reply match the bad stuff, set reject. alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
