specify ip range in huntgroups (or similar functionality).

[Jason Murray]

Is it possible to specify a range of IP addresses in a huntgroups file?



What I am trying to accomplish is:

1) AAA authentication to our Cisco devices using radius
2) Only allow people in a specific group to access the devices
3) Reject everyone else.

I am using the following:


huntgroups:
-------------------
netgear           NAS-IP-Address == 172.20.120.75



users:
----------
test1 at net Auth-Type := Local, User-Password == "testing",
Huntgroup-Name == "netgear"
        Service-Type = NAS-Prompt-User,
        cisco-avpair = "shell:priv-lvl=15"

DEFAULT Auth-Type := Reject, Huntgroup-Name == "netgear"
        Reply-Message = "Not Authorized to access this gear"




This works just fine, but we have well over 600 devices.  If at all
possible I would like to specify network ranges instead of individual
IP addresses in the huntgroups file (similar to what I can do in the
clients.conf file).  Is this possible?  If it is not possible in the
huntgroups is there a better way to do what I want to accomplish?

Thanks in advance!


-- 
Jason E. Murray
jemurray at zweck.net
http://unixhosts.us/