how to configure my scenario

Stefan Winter stefan.winter at restena.lu
Thu Feb 23 12:35:32 CET 2006


Hi,

> My problem is how to select the correct authorize
> method of an instance depending on the NAS-IP-Address
> of the Access-Request packet. For example, if the
> NAS-IP-Address is a.b.c.d I would like to use the
> authorize method of interface1 (and NOT the authorize
> method of interface2 or interface3)


to seperate within the authorize section, you have set Autz-Type as well. That 
would be

DEFAULT NAS-IP-Address == a.b.c.d, Auth-Type :=LDAP1, Autz-Type := LDAP1
DEFAULT NAS-IP-Address == a2.b2.c2.d2, Auth-Type :=LDAP2, Autz-Type := LDAP2
DEFAULT NAS-IP-Address == a3.b3.c3.d3, Auth-Type :=LDAP3, Autz-Type := LDAP3

(just always make sure that files is before the interfaceX bits, to ensure 
that Autz-Type is already set. You can then do

> authorize{
>    preprocess
>    suffix
>    files
        Autz-Type LDAP1 {
	   interface1
       }
       Autz-Type LDAP2 {
	   interface2
       }
       Autz-Type LDAP3 {
	   interface3
       }
> }

That should work, I did a very similar thing just last week :-)

Greetings,

Stefan Winter

-- 
Stefan WINTER

Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de 
la Recherche
Ingenieur Forschung & Entwicklung

6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg
E-Mail: stefan.winter at restena.lu     Tel.:     +352 424409-1
http://www.restena.lu                Fax:      +352 422473




More information about the Freeradius-Users mailing list