(no subject)
Igor Smitran
igor at poen.net
Mon Aug 14 10:34:33 CEST 2006
From: c k
To: freeradius-users at lists.freeradius.org
Sent: Tuesday, August 08, 2006 6:33 AM
Subject: (no subject)
I m using EAP-TLS as an authentication protocol.I want to authorize the clients in my network to access only certain protocol traffics.For some users i want to allow only http,while for others http and ftp.How can i create such kind of profiles and perform access control on routers.Sorry friends i m new to radius...plz help me out.
You need router that supports that kind of thing. Something like named access lists. Then you use freeradius to send access list name to router. Try to find what attributes your router can receive from radius. Try googling something like "your router name radius attributes".
If not, you can use diferent pools for users that have ftp access and user that don't have ftp access. For those pools you setup diferent access lists. After that you just use freeradius to give diferent IP adresses to users that have ftp access and users that don't have ftp access.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060814/1a3d6e7c/attachment.html>
More information about the Freeradius-Users
mailing list