Re: Reject authentication attempts based on "cli" value?
Sam Schultz wrote:
> An entry like this in your 'users' file should work:
>
> DEFAULT NASIPAddress =~ "192.168.100.*"
> Auth-Type := Reject
No, it won't work. See the FAQ for examples of setting Auth-Type :=
Reject. See "man users" for documentation on the format of the "users"
file.
The first line of a "users" file entry is where configuration items
like "Auth-Type := Reject" get set. If you put it on the *second* line,
it won't work, and you'll get a message in debugging mode saying you
probably did something wrong.
> I'm not sure '*' is the appropriate regular expression character
> for freeradius,
FreeRADIUS uses normal regular expressions. '*' has its normal meaning.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
This archive was generated by a fusion of
Pipermail (Mailman edition) and
MHonArc.