Re: (RADIATOR) Minimum Handler + AuthBy to reject?

Mon, 21 May 2001 04:09:28 -0700 


Hello Neale -

The answer probably depends on what else you are wanting to do in your 
configuration file and/or your LDAP database.

I would suggest however, that a couple of DEFAULT entries in an AuthBy FILE 
might work for you. Something like this:

# users file

DEFAULT Client-Identifier=foo, NAS-Port-Type=Sync, Auth-Type=Reject....

DEFAULT Auth-Type=CheckLDAP


and in the configuration file:

# define AuthBy clauses

<AuthBy LDAP2>
        Identifier CheckLDAP
        ......
</AuthBy>

<AuthBy FILE>
        Identifier CheckFILE
        .....
</AuthBy>

# define Handler(s)

<Handler>
        AuthBy CheckFILE
</Handler>


hth

Hugh



On Monday 21 May 2001 19:45, Neale Banks wrote:
> I suspect there is a simple answer to this... ;-)
>
> Currently I have:
>
> <Handler Client-Identifer=foo>
>       [Blah]
>       <AuthBy LDAP2>
>               [other blah]
>       </AuthBy>
> </Handler>
>
> and it works just fine :-)  However, there's a need to refuse ISDN
> Authentication attempts, So I figure a solution like this:
>
> <Handler
> Client-Identifer=foo,Nas-Port-Type=Sync,Request-Type=Access-Request>
> <AuthBy ????>
>               [????]
>       </AuthBy>
> </Handler>
> <Handler Client-Identifer=foo>
>       [Blah]
>       <AuthBy LDAP2>
>               [other blah]
>       </AuthBy>
> </Handler>
>
> I suppose I could use
>
> <Handler
> Client-Identifer=foo,Nas-Port-Type=Sync,Request-Type=Access-Request>
> <AuthBy FILE>
>               FileName /foo/bar
>       </AuthBy>
> </Handler>
>
> and either use an empty file (assuming it's permissible) or a single
> DEFAULT entry like say:
>
> DEFAULT       Auth-Type = "Reject: ISDN calls not allowed"
>
> But is there anything simpler/more-elegant?
>
> Thanks,
> Neale.
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.

-- 
Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Reply via email to