pershendetje/Hi dashamir.<br><br>sorry for my english , not my mother language.<br><br>i use the same scenario at our isp but we<br>check the MAC address of the NAS where the client comes from.<br><br>In mysql we have:<br>
<br>+----+----------+--------------------+----+--------------+<br>| id | username | attribute | op | value |<br>+----+----------+--------------------+----+--------------+<br>| 1 | orion | Calling-Station-Id | == | 001bd136e285 |
<br>| 2 | orioni | Cleartext-Password | := | test |<br>| 3 | orioni | Simultaneous-Use | := | 2 |<br>+----+----------+--------------------+----+--------------+<br><br><br>shnet e pare / bye.<br>
<br><div><span class="gmail_quote">On 17/01/2008, <b class="gmail_sendername">Dashamir Hoxha</b> <<a href="mailto:dhoxha@albaniaonline.net">dhoxha@albaniaonline.net</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Hi,<br><br>Actually, what I am trying to do is this:<br>I have several access points that have hotspot<br>and use radius for AAA. I would like to register<br>users in radius so that they are able to login<br>using some of the access points, and not able to
<br>login using the others.<br><br>The way that I was trying to do it is like this:<br>Suppose that there are the access points A1, A2, A3<br>and the user 'test' should be able to access the<br>internet only from A1 and A3. The data in radius
<br>that would make this scenario work, could be like this:<br><br>radcheck:<br>+------+----------+------------------+----+-------+<br>| id | UserName | Attribute | op | Value |<br>+------+----------+------------------+----+-------+
<br>| 5272 | test | User-Password | := | test |<br>| 5262 | test | Simultaneous-Use | := | 5 |<br>+------+----------+------------------+----+-------+<br><br>radreply:<br>+----+----------+---------------+----+----------+
<br>| id | UserName | Attribute | op | Value |<br>+----+----------+---------------+----+----------+<br>| 42 | test | Auth-Type | := | Reject |<br>| 43 | test | Fall-Through | := | Yes |<br>+----+----------+---------------+----+----------+
<br><br>usergroup:<br>+----------+-----------+----------+<br>| UserName | GroupName | priority |<br>+----------+-----------+----------+<br>| test | A1 | 1 |<br>| test | A2 | 1 |<br>| test | A3 | 1 |
<br>+----------+-----------+----------+<br><br>radgroupcheck:<br>+----+-----------+----------------+----+-------+<br>| id | GroupName | Attribute | op | Value |<br>+----+-----------+----------------+----+-------+<br>
| 42 | A1 | NAS-Identifier | == | ID-A1 |<br>| 43 | A2 | NAS-Identifier | == | ID-A2 |<br>| 44 | A2 | NAS-Identifier | == | ID-A3 |<br>+----+-----------+----------------+----+-------+<br><br>radgroupreply:
<br>+----+-----------+---------------+----+--------+<br>| id | GroupName | Attribute | op | Value |<br>+----+-----------+---------------+----+--------+<br>| 52 | A1 | Auth-Type | := | Accept |<br>| 53 | A1 | Fall-Through | := | No |
<br>| 54 | A2 | Auth-Type | := | Reject |<br>| 55 | A2 | Fall-Through | := | Yes |<br>| 56 | A3 | Auth-Type | := | Accept |<br>| 57 | A3 | Fall-Through | := | No |<br>+----+-----------+---------------+----+--------+
<br><br>However, if the radius does not follow the algorithm<br>described in <a href="http://wiki.freeradius.org/Rlm_sql">http://wiki.freeradius.org/Rlm_sql</a>,<br>then this setup should not work.<br><br>Do you have any suggestion or idea on how to make the
<br>scenario above work?<br><br>Regards,<br>Dashamir<br><br><br>Dashamir Hoxha wrote:<br>> I have installed freeradius-1.1.7 in fedora8. However I find that the<br>> module<br>> rlm_sql does not work as described in this page:
<br>> <a href="http://wiki.freeradius.org/Rlm_sql">http://wiki.freeradius.org/Rlm_sql</a><br><br>-<br>List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html">http://www.freeradius.org/list/users.html
</a><br></blockquote></div><br>