Restricting access to NAS via http login authentication list

Alan DeKok aland at deployingradius.com
Wed May 19 16:29:00 CEST 2010


Peter Carlstedt wrote:
> The problem I have is that every user in the user file in Freeradius can
> access the switch when im using an authentication list which checks
> against the radius server. Is there anyway to restrict so that only one
> specific user in the users file can get access to the NAS?

  What is different between an administrator request, and a normal user
request?

  i.e. look at the contents of the Access-Request.  Odds are that
they're different.

  Then...

	if (... looks like admin) {
		check against admin login
	}
	else (... looks like normal user ...) {
		check against normal user login
	}

  Alan DeKok.



More information about the Freeradius-Users mailing list