David Aldwinckle wrote:
> Is there a way that I can deny a specific realm when an access request
> is received from a specific client?
Yes.
> I tried adding something to policy.conf but I couldn't get the syntax right:
So... what happened? Did you get an error? Is it a secret?
> #Prevent secretrealm from logging in off-campus
> remote_secret_reject
> if ("%{Realm}" == "secretrealm.ca") && ((Client-Shortname ==
> "proxy-client1") || (Client-Shortname == "proxy-client2"))) {
> reject
> }
>
> Is there a different way that I should be doing this?
You can do it via a policy. But you have to get the syntax right.
See "man unlang" for documentation on the syntax. See the policy.conf
file for examples of working policies.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
