Hello Hakim -
On Wed, 20 Sep 2000, Hakim wrote:
> hello!!!
> I have configured the Radius and it works fine for PPP.
>
> My problems is i just want only one user root to be allowed to telnet to
> the router.
> Currently the NAS is configured not to allow telnet sessions.
>
> Any method ??
>
There are a couple of things to consider here. First, do you really want to
only have Radius authorise administrative logins to the router? You need to be
careful that you don't create a situation in which you can't access the
router(s) if you have a problem with Radius. Second, if you do want to allow
administrative telnet access to the router, it is usually a good idea to put
strict access lists on those connections to limit them to only a few hosts (or
perhaps the administrative subnet).
In any case, to configure Radiator to deal with these as special cases, the
best approach is to use Handlers using the Service-Type attribute to
differenciate between PPP connections and telnet connections.
<Handler Service-Type = Login-User>
.....
</Handler>
<Handler .....>
......
</Handler>
<Handler>
.....
</Handler>
hth
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
