how to define ACL like things in RADIUS

Ivan Kalik tnt at kalik.net
Fri May 15 10:54:11 CEST 2009


> Hi
> I have configured a Radius server with LDAP authentication, for performing
> AAA for Cisco Routers and Firewalls. Currently all users created in LDAP are
> getting equal privilege of accessing all devices (NAS) configured with
> AAA.
> I want to allow a set of users to access some devices (say only a few
> routers) while allowing another set of users access permission to all
> devices (including Routers and Firewalls).
> I am aware of  following:
>
>
> root         Auth-Type := Reject
>                Reply-Message = "Your account has been disabled."
>
> which denies all access to user root. But I want some modification, i.e.
> the root user will be able to authenticate to only two NAS, 192.168.1.178 &
> 192.168.1.179.
>
> Please suggest some solution.
>
> Please guide me and help me to implement above scenario.

You had your answer - huntgroups.

Ivan Kalik
Kalik Informatika ISP
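
The huntgroups approach named in the reply, as an added example that is not part of the original thread: it limits the root user from the question to the two NAS addresses given there. It assumes the FreeRADIUS 2.x layout (raddb/huntgroups and raddb/users; 3.x keeps the same files under mods-config/preprocess/huntgroups and mods-config/files/authorize), the default authorize order with preprocess and files ahead of ldap, and a hypothetical huntgroup name "root-nas".

```text
# --- raddb/huntgroups (read by the preprocess module) ---
# Group the two NAS that root may use. "root-nas" is a hypothetical
# label chosen for this example; any name works.
root-nas    NAS-IP-Address == 192.168.1.178
root-nas    NAS-IP-Address == 192.168.1.179

# --- raddb/users (read by the files module) ---
# Entries are tried top to bottom and the first match wins.
# A request for root from a NAS in the huntgroup matches here and
# stops, so the reject entry below is never reached and the existing
# LDAP authentication runs as before.
root    Huntgroup-Name == "root-nas"
        Fall-Through = No

# root from any other NAS falls to this entry and is rejected.
root    Auth-Type := Reject
        Reply-Message = "Access to this device is not permitted."
```

Huntgroup-Name is derived from the NAS-IP-Address attribute in the request, so each device has to send the address listed in the huntgroups file; running the server in debug mode (radiusd -X) shows which users entry a request matched.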




More information about the Freeradius-Users mailing list