Freeradius + MySQL + WiFi PEAP authorisation only to a group of users
Lumir Lindovsky
lumir at rosinter.cz
Thu Aug 11 00:51:58 CEST 2011
>I would think something like this in your users file: DEFAULT NAS-Ip-Address == your.wifi.nas.ip, Group == WIFI DEFAULT NAS-Ip-Address == your.wifi.nas.ip, Auth-Type = Reject -
Thank you for the answer but I do not use any users file - I use mysql and users are stored in radcheck table and the groups are assigned in the radusergroup.
Plus the wifi are always behind a firewall and so NAT is present - so requests for both Wifi and OpenVPN authentication comes from the same IP address.
Maybe I can put something inside the eap.conf to add checking of the group in sql? But how to do that?
More information about the Freeradius-Users
mailing list