Re: Proxy Control

I've ported all my freeradius user files/info to
mysql.  I have a groups setup with a few users in
each.  However, when I attempt to login to the VPN
freeradius debug shows the proxy to the SBR server.
SBR returns an access-accept message and the user is
logged into the VPN.  Uh oh - the user I attempted to
login with was not listed in radcheck or usergroup.
What do I need to do to have freeradius reject the
auth request (even if the proxied SBR reponse was
access-accept) if the user isn't part of a 'VPN'
group?


--- Alan DeKok <aland@deployingradius.com> wrote:

> Josh <josh2780@yahoo.com> wrote:
> > I'm actually running Funk (Juniper) Steel-Belted
> > Radius on the windows box.  I'm working out issues
> > with the user profiles on that box...  I was
> hoping to
> > let freeradius take care of who had access to
> proxy
> > (if possible).
> 
>   "man rlm_passwd"
> 
>   Put the users into a group, and for people not in
> the "VPN" group,
> disallow them access to the VPN.
> 
>   Alan DeKok.
> --
>   http://deployingradius.com       - The web site of
> the book
>   http://deployingradius.com/blog/ - The blog
> - 
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
> 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com
This archive was generated by a fusion of Pipermail (Mailman edition) and MHonArc.