Michał Dopierała wrote:
Thanks for response!
So, users file can look like this:
Yes.
========================users=====================================
mdopierala Packet-Src-IP-Address == 192.168.1.1, Crypt-Password = "some_hash"
It's NOT a hash. It's a password.
This way user mdopierala will have priv-lvl=15 to router1 and priv-lvl=1 to router2?
Yes.
I have a lot of users and clients in my environment(a lot of network equipments and administrators). Can I make any groups of this users and clients and then make policies to this groups?
Yes. See "man rlm_passwd" for examples of making groups.
This way I could add new users to this groups apart from making separate policies. Unfortunately I work on producing environment and I can't make as many test as I wish.
If you don't test it, it won't work. Alan DeKok.