Sigh. I broke the cardinal rule of the list _again_. I'Ll grab a full debug log now.
Sorry for the spam. Dave Aldwinckle On 2013-08-13 11:22 AM, "Alan DeKok" <al...@deployingradius.com> wrote: >David Aldwinckle wrote: >> Is there a way that I can deny a specific realm when an access request >> is received from a specific client? > > Yes. > >> I tried adding something to policy.conf but I couldn't get the syntax >>right: > > So... what happened? Did you get an error? Is it a secret? > >> #Prevent secretrealm from logging in off-campus >> remote_secret_reject >> if ("%{Realm}" == "secretrealm.ca") && ((Client-Shortname == >> "proxy-client1") || (Client-Shortname == "proxy-client2"))) { >> reject >> } >> >> Is there a different way that I should be doing this? > > You can do it via a policy. But you have to get the syntax right. >See "man unlang" for documentation on the syntax. See the policy.conf >file for examples of working policies. > > Alan DeKok. >- >List info/subscribe/unsubscribe? See >http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html