Well, as promised here is the way I'm implementing it. I only did a small
scale test. The big test and implementation will be for the next comming
weeks. So far everything worked the way it should.
hope I can help someone with this explenation.
First install debian via net
Than install
-To: FreeRadius users mailing list
freeradius-users@lists.freeradius.org
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Subject: RE: restricting access for users
Date: Mon, 13 Jun 2005 09:49:00 -0400 (EDT)
Try this.
huntgroups
diegem NAS-IP-Address == 10.5
Yes this is my experience as well. Running v 1.0.2 there was nothing in the
change log for 1.0.3 to say this was fixed either.
Just as a note when I posted these findings nothing came back.
I was using an ldap backend as well. It would be great to have a detailed
explaination of this one and
Hi Alan,
thank you for replying,
this is how I tried this before, I will try to keep this as short as
possible.
1)
users:
bob Password == bob, Huntgroup-name == diegem
Login-Service = 0,
Vendor-Specific = 9,
Reply-Message = Hello, bob,
Cisco-AVpair =
To: freeradius-users@lists.freeradius.org
Subject: RE: restricting access for users
Hi Alan,
thank you for replying,
this is how I tried this before, I will try to keep this as short as
possible.
1)
users:
bob Password == bob, Huntgroup-name == diegem
Login-Service = 0
Try this.
huntgroups
diegem NAS-IP-Address == 10.5.x.x
diegem NAS-IP-Address == 10.5.x.x
diegem NAS-IP-Address == 10.5.x.x
brusselsNAS-IP-Address == 10.2.x.x
users file
#note: there is no default auth-type = system here
DEFAULT Group ==
I have a second issue with this in that the users file has a defulat
reject if the group is not matched. This also is not being used
correctly by freeradius. The user defaults into that if there group does
not match but does not get rejected.
I have never noticed any problems like that
2005 14:52
To: FreeRadius users mailing list
Subject: RE: restricting access for users
I have a second issue with this in that the users file has a defulat
reject if the group is not matched. This also is not being used
correctly by freeradius. The user defaults into that if there group does
Martial VdB [EMAIL PROTECTED] wrote:
Ive tried several setups by using the huntgroups and using system as
authentication method but I can't get the huntgroup validation to work. It
looks like the huntgroups are just ignored. Everyone can just enter any
device as soon as their usrname and
9 matches
Mail list logo