3com problem with service-type
- To: freeradius-users@lists.freeradius.org
- Subject: 3com problem with service-type
- From: Nuno Cervaens <Nuno.Cervaens@cern.ch>
- Date: Wed, 19 Jul 2006 16:53:00 +0200
- Domainkey-signature: a=rsa-sha1; c=nofws; s=beta; d=cern.ch; q=dns; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding; b=aCrnKtdB5NAyJqrUVxF66n22zaMzfxucrp9WGhz/2/xYJAl9xwfLmKybHQ6qzlIb4RtMo/jP5QXA8P2vGNzBcl0WfNxI6IlhhR/OBjI5qDlwgxE9nd99AiTLoIOiVCbz;
- Keywords: CERN SpamKiller Note: -49 Charset: west-latin
- Organization: CERN
- Reply-to: FreeRadius users mailing list <freeradius-users@lists.freeradius.org>
- User-agent: Mozilla Thunderbird 1.0 (Windows/20041206)
Hi guys,
I have a lot of hp switches and a lot of 3com switches.
I have users that I want them to have Administrator privilege and others
that will have NAS-Prompt privilege.
So, my users files should be like this, so it can work for both brands:
userA Password = pass
Service-Type = 7,
3Com-User-Access-Level = 1
userB Password = pass
Service-Type = 6,
3Com-User-Access-Level = 3
The problem is that 3COM doesnt accept a service-type =7! It only
accepts Service-Type = 6! So the 3COM rejects the access-accept from
RADIUS for userA.
I know that I can use huntgroups and create for each huntgroup a
different account for the same user with different attributes, but I
dont want to use huntgroups because I already use it for Mac-address
authentication (and apparently a same NAS-IP-Address cannot belong to
more than 1 huntgroup as RADIUS returns the first huntgroup that matches
the NAS-IP-Address).
Does anyone has a solution for my problem?
Thanks,
Nuno
This archive was generated by a fusion of
Pipermail (Mailman edition) and
MHonArc.