27 Apr
2007
27 Apr
'07
5:28 a.m.
Yes. Use NAS-IP-Address as check item. If you need a list of groups and/or users/callerIDs/etc. that are allowed then use a huntgroup. Ivan Kalik Kalik Informatika ISP Dana 26/4/2007, "Norman Zhang" <norman.zhang@gmail.com> piše:
Is there a way to set FreeRADIUS to authenticate against specific group of users for certain devices. For example,
DEFAULT Auth-Type = System Fall-Through = Yes, cisco-avpair = "shell:priv-lvl=1", Service-Type = NAS-Prompt-User
DEFAULT Group == router-rw cisco-avpair := "shell:priv-lvl=15"
DEFAULT Group == fw-admin cisco-avpair := "shell:priv-lvl=15"
Can I have the PIX to authenticate only against group fw-admin?
Norman
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html