Rob Shepherd wrote:
Dear freeradiuseers,
I have my wireless network working great... PEAP supplicants are authenticated from either LDAP or MySQL and the appropriate Tunnel-Private-Group-ID is set to allocate the correct vlan.
I also have a cisco VPN concentrator. I must only allow ldap users to authenticate to this. mysql users mustn't get a look in...
I tried making a huntgroup in raddb/huntgroups...
ciscovpnc NAS-IP-Address == 10.1.33.4
then in raddb/users...
DEFAULT HuntGroup-Name == ciscovpnc Autz-Type = ldap
however sql is still checked.
Could some body shove me in the right direction..
Cheers
Rob
TYPO! DEFAULT HuntGroup-Name == ciscovpnc Autz-Type := ldap ...is how it looks in raddb/user. Oh, and I tried various combos of Autz-Type ldap{ ldap } in authorize{ too. No joy. Thanks IA Rob -- Rob Shepherd | Computer and Network Engineer | Technium CAST | LL57 4HJ rob@techniumcast.com | 01248 675024 | 077988 72480