can policy.conf be used to create an access control list
Hi, I am using version freeRadius 1.1.7. I am trying to create an access control list via radius, to prevent specific PC's/locations from accessing my network. Please see my policy.conf example below. My freeRadius server keeps sending an access-accept, when I try to login in from my office as a test, which has the IP address 10.2.222.35. I don't understand why the server is allowing the login. It seems logical to me the way that I have approached an implementation, but I can't find any specific info from the wiki or in internet searches. So I am not sure if I am still misconfigured or if it just doesn't work for some other reason. Thanks, Mike In policy.conf, I have the following, but it doesn't have any affect ( I do have '$INCLUDE ${confdir}/policy.conf' in my radiusd.conf file): policy { forbid_login_ip_hosts { %{request:Login-IP-Host} =~ /^10.2./ { reject } } }
michael lamborn wrote:
I am using version freeRadius 1.1.7.
Upgrade.
Please see my policy.conf example below.
1.1.7 doesn't support policy.conf. My guess is that you saw it in the recent release, and copied the file to your 1.1.7 installation. That won't help, software doesn't work that way. Alan DeKok.
I finally upgraded to freeradius 2.1.11, but am seeing the same problem of the same policy not working. Any additional info/insight? -- View this message in context: http://freeradius.1045715.n5.nabble.com/can-policy-conf-be-used-to-create-an... Sent from the FreeRadius - User mailing list archive at Nabble.com.
participants (3)
-
Alan DeKok -
michael lamborn -
mlamborn