Alan DeKok wrote:
Matthew Schumacher wrote:I see that there is a Virtual-Server internal attribute so I thought I could do something like this: DEFAULT Virtual-Server == 'dsl'...DEFAULT Virtual-Server == 'dialup'Why? The whole point of virtual servers is that you shouldn't have to do such comparisons.
I've been doing it this way for a long time to get around the lack of virtual servers. I've been setting the autz|auth|sess type based on what I get from the NAS-Identifier. Now that virtual servers are supported, your right, I don't need this anymore.
It looks like you're pointing *multiple* virtual servers at the same
"users" file. Don't do that...
modules {
files dsl_files {
usersfile = ...dsl_users
...
}
files dialup_files {
usersfile = ...dialup_users
...
}
}
That makes sense, I put it in and it works perfectly.
Fix the config as above, and then post full debug. Please.
No need, it's working great now that I'm using a separate user file for each virtual server.
Also, I'm noticing that the server returns attributes even when the access request is rejected. Anyone know why that is?Because that's what you've configured. See attr_filter.access_reject for a module that filters the contents of Access-Reject.
Your right, I had the attr_filter module commented out because I remove everything thing I don't think I need, and I didn't think I needed it.
Overall, there are a few changes in 2.x that where different enough that it took a little head scratching, but now that it's up and running it makes much more sense. 2.x solves a bunch of problems I was having. In fact I was getting ready to run a split radius system when I found 2.x and the new virtual server feature.
Thanks, schu