Hi, Hope you are referring to realm freescale.com { type = radius authhost = LOCAL accthost = LOCAL present in the radiusd.conf file. removed it. Restarted the freeradius server. The user file contains navin@freescale.com Cleartext-Password := "navin123" Even then when tested with radtest tool , the users "navin" & "navin@freescale.com" are both getting authenticated. I would prefer only navin@freescale.com get authenticated and user "navin" should get rejected. have a nice day, navin At 07:37 PM 7/15/2009, you wrote:
I am new to radius . hence kindly excuse if my terminologies are different from what is expected.
I am using Freeradius Version 1.1.7. Is it possible to reject when a request comes from the NAS server with a user logging in without a realm as suffix?
For example, if the FreeRadius server receives an authentication request for the user navin , it has to reject. but if it receives the request as navin@freescale.com it has to authenticate him.
I tried the below options:
I am not using the proxy request support. Hence commenting proxy.conf file and setting proxy_requests = no in the radiusd.conf file.
Added the below in the radiusd.conf file with the intention that users of realm freescale.com has to be authenticated and other users should be rejected.
realm freescale.com { type = radius authhost = LOCAL accthost = LOCAL }
Remove that. Your user file entry will sort out who gets authenticated and who doesn't.
Ivan Kalik Kalik Informatika ISP
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html