|
Hi all,
We are a small ISP in Vietnam, and we just want to
setup a Radiator Radius server to handle some Ness with separate user groups.
Each user group stored in different database, and each NAS will authenticate
with different user.
For example : for NAS_1, user@realm, database
users_dab
NAS_2, user@realm, database
users_db2
etc ...
And We don't want user in realm1, authenticated by
any NAS else except NAS_1 and vice versa.
We just set up our Radiator Radius server like
is:
<Client
NAS_1>
Secret
something
DefaultRealm
realm1
# this line
will rewrite any other realm to unknown realm
RewriteUsername s/^([^@]+)@realm2/$1@unknownrealm/
RewriteUsername s/^([^@]+)@realm3/$1@unknownrealm/
etc
....
</Client>
<Client NAS_2>
Secret
something
DefaultRealm
realm2
# this line
will rewrite any other realm to unknown realm
RewriteUsername s/^([^@]+)@realm1/$1@unknownrealm/
RewriteUsername s/^([^@]+)@realm1/$1@unknownrealm/
etc
....
</Client>
<Realm realm1>
<Authby SQL>
# a database for
realm1
</Authby>
</Realm>
<Realm realm2>
<Authby SQL>
# a database for
realm2
</Authby>
</Realm> We hope this set up will satisfy our need, but We hope anyone
can advise us a better idea.
Thank you very much.
|
