Hi Scott, This is a very good idea, I will go through this. Thanks! Regards, Mike On 2016-01-15 00:24, Scott Lambert wrote:
I don't remove prohibited users from the authentication DB. I just set them to use IPs from a pool which NATs all web traffic to a webserver whose error document is a page explaining that they are not authorized to use the system for one of several possible reasons. They get a link to a customer portal where they can resolve the no payment situation and a phone number to call if they don't think they have a billing issue.
It cuts way down on bad login attempts, and tends to lead to the resolution of the underlying issue. It's not a FreeRADIUS technical solution, but it could help to achieve your goal of smaller logs.