how to configure my scenario

Rafael Roldán rafael.roldan at panel.es
Thu Feb 23 12:23:32 CET 2006 

----- Original Message ----- 
From: "Peter Manckok" <peter_manckok at yahoo.es>
To: "FreeRadius users mailing list" <freeradius-users at lists.freeradius.org>
Sent: Thursday, February 23, 2006 11:52 AM
Subject: Re: how to configure my scenario


>
>  --- Phil Mayers <p.mayers at imperial.ac.uk> escribió:
>
> > Peter Manckok wrote:
> > >
> > > authenticate {
> > >    ......
> > >    Auth-Type LDAP1 {
> > >         interface1
> > >    }
> > >    Auth-Type LDAP2 {
> > >         interface2
> > >    }
> > >    Auth-Type LDAP3 {
> > >         interface3
> > >    }
> > >    ....
> > > }
> > >
> > > In my authorize section I have:
> > > authorize{
> > > ....
> > > files
> > > ...
> > > }
> > >
> > > In my users file I have:
> > > DEFAULT NAS-IP-Address == a.b.c.d, Auth-Type
> > :=LDAP1
> > > DEFAULT NAS-IP-Address == a2.b2.c2.d2, Auth-Type
> > > :=LDAP2
> > > DEFAULT NAS-IP-Address == a3.b3.c3.d3, Auth-Type
> > > :=LDAP3
> > >
> >
> >
> > Provided there's nothing after the "files" in
> > "authorize" that might be
> > (re)setting Auth-Type, that should work.
>
> Thanks for the warning
>
> > Don't snip
> > bits out - what is
> > the full contents of the authorize and authenticate
> > sections? What does
> > the radius server say when you run it in debug mode
> > (with -X)?
> > -
>
> Hy Phil,
>
> My problem is how to select the correct authorize
> method of an instance depending on the NAS-IP-Address
> of the Access-Request packet. For example, if the
> NAS-IP-Address is a.b.c.d I would like to use the
> authorize method of interface1 (and NOT the authorize
> method of interface2 or interface3)
>
> I haven´t tested it yet, I am not in my company now
>
> In the authorize section I have:
>
> authorize{
>    preprocess
>    suffix
>    files
>    ??? -------> how can I discriminate between the
> differents authorize methods of interface1,
> interface2, interface3 depending on the source
> NAS-IP-Address?
> }
>
> In the authenticate section:
>
> authenticate {
>
> Auth-Type LDAP1 {
>          interface1
>     }
>   Auth-Type LDAP2 {
>         interface2
>    }
>    Auth-Type LDAP3 {
>        interface3
>    }
>   unix
> }
>
>
> Thanks again
>
> Any hint is very appreciated
>
> Peter
>

Use Autz-Type to select between authorization methods

> > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
> >
>
>
>
>
> ______________________________________________
> LLama Gratis a cualquier PC del Mundo.
> Llamadas a fijos y móviles desde 1 céntimo por minuto.
> http://es.voice.yahoo.com
> -
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
>

More information about the Freeradius-Users mailing list