freeradius and Cisco VPN IPSEC profiles authentication
Jevos, Peter
Peter.Jevos at oriflame.com
Fri Nov 5 21:38:29 CET 2010
Hi
How can I skip to the second DEFAULT if the first DEFAULT doesn't pass ?
So if request comes from the 10.1.1.2 and user doesn't pass through
authentication, it should be forwarded to another DEFAULT ( with the
vpn_auth_name authentication).
Now it stops at the first DEFAULT
DEFAULT Auth-Type := ntlm_auth_vpn, NAS-IP-Address ==
10.1.1.252
Tunnel-Type = "ESP",
Tunnel-Private-Group-ID = "Group",
Tunnel-Password = "cisco",
Cisco-Avpair += "ipsec:dns-servers=10.1.1.6 10.1.1.7",
Cisco-Avpair += "ipsec:addr-pool=vpn_pool",
Cisco-Avpair += "ipsec:inacl=101",
Cisco-Avpair += "ipsec:key-exchange=ike",
Cisco-Avpair += "ipsec:key-exchange=preshared-key",
Service-Type = Framed-User,
Framed-Protocol = PPP,
DEFAULT Auth-Type := vpn_auth_name, NAS-IP-Address ==
10.1.1.252
Service-Type = Framed-User,
Framed-Protocol = PPP,
thanks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20101105/7c18596e/attachment.html>
More information about the Freeradius-Users
mailing list