access only particular website through RADIUS

Parham Beheshti p_beheshti at rasana.net
Mon Aug 27 11:42:38 CEST 2007


Hello,
We do this kind of stuff for our users.
When our users run out of credit, instead of rejecting them, we return a
different ip-pool to the user(ex: 10.10.X.X)
>From that ip-pool, users can only access our ticketing system, payment
gateways and such.(ex: from 10.10.X.X users can access few ip addresses)
After making payment, they reconnect and get a normal ip address which
they have full access to everything.
Cheers
Parham

-----Original Message-----
From: freeradius-users-bounces at lists.freeradius.org
[mailto:freeradius-users-bounces at lists.freeradius.org] On Behalf Of Nick
Owen
Sent: Monday, August 27, 2007 2:49 AM
To: FreeRadius users mailing list
Subject: Re: access only particular website through RADIUS

On 8/26/07, Arran Cudbard-Bell <A.Cudbard-Bell at sussex.ac.uk> wrote:
> liran tal wrote:
> > Others may correct me but I believe that this is not the role of
> > the RADIUS server. To actually do this kind of "filtering" you need
> > to use other technologies such as proxies or captive portal (see
> > chillispot).
> Yep for the most part your correct.
> However, some specific NAS vendors like HP, have included Access
Control
> List features setable using VSAs (Vendor specific attributes). But
these
> are usually only available on the prohibitively expensive switches.
>
> Firewall, proxy server,or captive portal is the way to go with this
> one... Though if you want proper 802.1x authentication , then it's
> firewall/proxy server only.
> >
> > Regards,
> > Liran.

For an example of how to do this with Apache, you can see this page.
You may not want two-factor authentication, but the idea is the same.
Note that there have been problems reported using a version of Apache
later than 2.2.2.

http://www.wikidsystems.com/documentation/howtos/how-to-add-two-factor-a
uthentication-to-apache/

HTH,

Nick


> >
> > On 8/26/07, *zamshed* <zamshed.email at gmail.com
> > <mailto:zamshed.email at gmail.com>> wrote:
> >
> >     dear Friends.
> >     I am a very new user of RADIUS.
> >     how can I configure this RADIUS for  a particular USER,such as
> >     when that
> >     USER login with RADIUS,then that user only get PERMIT to access
a
> >     fixed
> >     WEBSITE only,the rest others will b BLOCKED for that particular
USER.
> >     Can I do that with this RADIUS server?
> >
> >     -
> >     List info/subscribe/unsubscribe? See
> >     http://www.freeradius.org/list/users.html
> >
> >
> >
------------------------------------------------------------------------
> >
> > -
> > List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
>
> -
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
>


-- 
-- 
Nick Owen
WiKID Systems, Inc.
404.962.8983
http://www.wikidsystems.com
Commercial/Open Source Two-Factor Authentication
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html




More information about the Freeradius-Users mailing list