Hi All,
I am currently configuring
power distribution units(PDU) in our organisation, authentication from
freeradius-1.0.1-3.RHEL4.3
1. I have configured the
dictionary file accordingly.
client 131.xxx.xx.xxx {
secret =abcdeffghijk
shortname =PDU1
}
client 131.xxx.xx.xxx {
secret =lmnoopqrstuve
shortname =PDU2
}
2. I have also defined the
ATTRIBUTE and VALUE the dictionary file as per APC vendor's instructions
VENDOR APC 318
BEGIN-VENDOR APC
ATTRIBUTE APC-Service-Type 1
integer APC
VALUE APC-Service-Type Admin
1
VALUE APC-Service-Type Device
2
VALUE APC-Service-Type
ReadOnly 3
3. I have modified the users
file , created groups and outlet access for each group. In the below example,I
have given group3 access to outlet3.
DEFAULT Group ==
"group3", Auth-Type = System
APC-Service-Type = Outlet,
APC-Outlets = "3",
Fall-Through = No
4. Now, I have 20 PDUs setup
(in pair) and I also would like to restrict the subnets that it can
authenticate from. I would like to set up a rule in user file as following:
If pdu1 or pdu2
{if group1 and authenticated
from the approved subnets
Then
APC-Service-Type = Outlet,
APC-Outlets = "1",
}
....And so on for the rest
of PDU pairs.
Has anyone done a similar
setup before? If so, could you please shed light?
Thanks in advance
Uma
u.palvannan@qut.edu.au