Thank you, but where exactly do I specify my authorization policy? In the sites-available/default file, or in radiusd.conf? In what (sub)section? I'm trying a simpler policy for now: if(%{request:SDP-Bandwidth}<=2000) { Auth-Type := Accept } else { Auth-Type := Reject } I've tried this in default's post-auth section, but it doesn't seem to work (the server runs fine, but this condition is never verified). I've tried it in radiusd.conf's post-auth section, but the server won't start: /etc/freeradius/radiusd.conf[2129]: EOF reached without closing brace for section post-auth starting at line 2032 although I've checked, and every brace is matched. (By the way, SDP-Bandwidth is a custom defined attribute, type integer) What am I doing wrong? On 10 June 2011 14:19, Alan DeKok <aland@deployingradius.com> wrote:
Tiberiu Breana wrote:
Is it possible to authenticate users based on an attribute, if it exists (in their request), but ignore it if it doesn't? I've read the 'man users', but haven't found anything suitable.
$ man unlang
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html