Hi fellow radiator admins,
I have two NAS that use radiator as their authentication server. The 1st one
(NAS1) should *only* handle/authenticate users that carry the suffix "@stuff",
while (NAS2) should *only* authenticate users that do not have any suffix.
I have something like this in my config file (in that order):
-------------------------------------------------------------
<Handler User-Name=/\@stuff/>
RewriteUsername s/\@stuff//
<AuthBy RADIUS>
Host X.X.X.X
Secret ****
</AuthBy>
</Handler>
<Handler User-Name=/^./>
<AuthBy RADIUS>
Host Z.Z.Z.Z
Secret ****
</AuthBy>
</Handler>
-------------------------------------------------------------
What is happening now is that i.e. user "joe" is able to connect dialing
into NAS1 and NAS2 without no limitation, and also "user@stuff" is being
able to connect thru NAS1 and NAS2, which is not what i want. I want to
keep NAS1 only for users "joe@stuff" or alike, and NAS2 only for users
"joe" or alike.
Radius server with IP X.X.X.X does not have NAS2 configured as a client,
and radius server with IP Z.Z.Z.Z does not have NAS1 as its client either
but all users (with suffix or not) are able to dial into both NAS and
get authenticated.
Is there a way i can configure a certain <Handler> to allow *only*
authentication requests from one NAS based on its IP address or name?
Thanks a lot,
Enrique-
--
----------------------------------------------
RCP - Internet Peru Tel: +51 1 422-4848
Dpto de Operaciones Fax: +51 1 421-8086
----------------------------------------------
===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
