is it possible to only allow users with a valid host ip?
Hi, I wonder if I can restrict (vpn)login from users in combination with their login (host) ip address. cheers, Geer -- gvdgiessen@fastmail.fm -- http://www.fastmail.fm - And now for something completely different
On Thu, Jun 09, 2005 at 06:19:28AM -0700, gvdgiessen@fastmail.fm wrote:
Hi,
I wonder if I can restrict (vpn)login from users in combination with their login (host) ip address.
If you mean their source address, that would depend on how your VPN endpoint gives that information to FreeRADIUS. If it's sensible and uses the Calling-Station-ID attribute, then you can use that. -- Paul "TBBle" Hampson, on an alternate email client.
You can add an extra field in SQL with Calling-Station-ID attribute for a user and make radius check that when it receives a request. On Fri, 10 Jun 2005 15:28:46 +1000 Paul.Hampson@PObox.com (Paul Hampson) wrote:
On Thu, Jun 09, 2005 at 06:19:28AM -0700, gvdgiessen@fastmail.fm wrote:
Hi,
I wonder if I can restrict (vpn)login from users in combination with their login (host) ip address.
If you mean their source address, that would depend on how your VPN endpoint gives that information to FreeRADIUS. If it's sensible and uses the Calling-Station-ID attribute, then you can use that.
-- Paul "TBBle" Hampson, on an alternate email client. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
participants (4)
-
Geert vd Giessen -
gvdgiessen@fastmail.fm -
Marcin Jessa -
Paul.Hampson@PObox.com