---------- Forwarded Message ----------
Subject: Re: (RADIATOR) access-list via cisco-avpair Date: Fri, 15 Nov 2002 21:55:41 +1100 From: Paul Pilsbury <[EMAIL PROTECTED]> To: Mike McCauley <[EMAIL PROTECTED]> Hi, I think we did this once with cisco avpairs. Although its much easier to load the access-list on the NAS and call that with Filter-Id = "filterlist.in" e.g :- AddToReply \ cisco-avpair = "ip:inacl#5=permit ip any 10.0.0.1 0.0.0.255", \ cisco-avpair = "ip:inacl#15=permit ip any host 192.168.1.1", \ cisco-avpair = "ip:inacl#20=permit udp any any eq domain", \ cisco-avpair = "ip:inacl#25=permit tcp any any eq domain", \ cisco-avpair = "ip:inacl#30=permit tcp any any established", \ cisco-avpair = "ip:inacl#35=permit udp any any range 1024 9000", \ cisco-avpair = "ip:inacl#99=deny ip any any" Hope this helps, PP On Fri, Nov 15, 2002 at 09:38:36PM +1100, Mike McCauley said: | ---------- Forwarded Message ---------- | | Subject: BOUNCE [EMAIL PROTECTED]: Non-member submission from ["Fred | Albrecht" <[EMAIL PROTECTED]>] | Date: Thu, 14 Nov 2002 23:04:37 -0600 | From: [EMAIL PROTECTED] | To: [EMAIL PROTECTED] | | >From [EMAIL PROTECTED] Thu Nov 14 23:04:37 2002 | | Received: from cmail-3.worldonline.co.za (cmail-3.worldonline.co.za | [196.41.128.93]) by server1.open.com.au (8.11.0/8.11.0) with ESMTP id | gAF54ZC09795 | for <[EMAIL PROTECTED]>; Thu, 14 Nov 2002 23:04:36 -0600 | Received: from mail.za.tiscali.com ([196.25.100.22]) by | cmail-3.worldonline.co.za (Netscape Messaging Server 4.15) with | ESMTP id H5M3LY00.D0V for <[EMAIL PROTECTED]>; Fri, 15 Nov | 2002 11:56:22 +0200 | content-class: urn:content-classes:message | MIME-Version: 1.0 | Content-Type: text/plain; | charset="iso-8859-1" | Subject: access-list via cisco-avpair | X-MimeOLE: Produced By Microsoft Exchange V6.0.5762.3 | Date: Fri, 15 Nov 2002 11:56:21 +0200 | Message-ID: <BE98FC8FD4B8664EA348B7E70E516A5F33A634@ENG> | X-MS-Has-Attach: | X-MS-TNEF-Correlator: | Thread-Topic: (RADIATOR) Renaming cisco-avpair | Thread-Index: AcKHaTSv2IdbsRasTh69UScinz/5QAFI1XHg | From: "Fred Albrecht" <[EMAIL PROTECTED]> | To: <[EMAIL PROTECTED]> | Content-Transfer-Encoding: 8bit | X-MIME-Autoconverted: from quoted-printable to 8bit by server1.open.com.au | id gAF54bC09797 | | Hi | | I've looked through the archives concerning this topic and could not find | an answer that makes sense to me. I also realise that this is a Cisco | question, but since I'm trying to do this via Radiator I thought someone | here may have done a similar thing allready. Does anyone know how to | restrict a dialup user to only see dns, pop3, smtp and one server, eg | 10.10.10.10 on port 80, using a cisco-avpair, configured inside a Radiator | config file. Please, this is urgent and any leads will be appreciated. | | Thx | | :) | | Fred Albrecht | IP Specialist | | World Online | A Division of Tiscali (Pty) Ltd | Office: +27 21 940-9807 | Fax: +27 21 940-9103 | Mobile: +27 82 52 00 165 | e-mail: [EMAIL PROTECTED] | http://www.worldonline.co.za | | Disclaimer: This email is considered a business record and is therefore | property of Tiscali. This email, and any files transmitted with it are | confidential and are intended solely for the use of the individual or | entity to whom they are addressed. This communication represents the | originator's personal views and opinions, which do not necessarily reflect | those of Tiscali. If you are not the original recipient or the person | responsible for delivering the email to the intended recipient, be advised | that you have this email in error, and that any use, dissemination, | forwarding, printing, or copying of this email is strictly prohibited. If | you received this email in error, please immediately notify | [EMAIL PROTECTED] | | ------------------------------------------------------- | | -- | Mike McCauley [EMAIL PROTECTED] | Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW | 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au | Phone +61 3 9598-0985 Fax +61 3 9598-0955 | | Radiator: the most portable, flexible and configurable RADIUS server | anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, | Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, | TTLS etc on Unix, Windows, MacOS etc. | | === | Archive at http://www.open.com.au/archives/radiator/ | Announcements on [EMAIL PROTECTED] | To unsubscribe, email '[EMAIL PROTECTED]' with | 'unsubscribe radiator' in the body of the message. -- Paul Pilsbury System Administrator [EMAIL PROTECTED] ------------------------------------------------------- -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS etc on Unix, Windows, MacOS etc. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
