how to configure my scenario
Stefan Winter
stefan.winter at restena.lu
Thu Feb 23 12:35:32 CET 2006
Hi,
> My problem is how to select the correct authorize
> method of an instance depending on the NAS-IP-Address
> of the Access-Request packet. For example, if the
> NAS-IP-Address is a.b.c.d I would like to use the
> authorize method of interface1 (and NOT the authorize
> method of interface2 or interface3)
to seperate within the authorize section, you have set Autz-Type as well. That
would be
DEFAULT NAS-IP-Address == a.b.c.d, Auth-Type :=LDAP1, Autz-Type := LDAP1
DEFAULT NAS-IP-Address == a2.b2.c2.d2, Auth-Type :=LDAP2, Autz-Type := LDAP2
DEFAULT NAS-IP-Address == a3.b3.c3.d3, Auth-Type :=LDAP3, Autz-Type := LDAP3
(just always make sure that files is before the interfaceX bits, to ensure
that Autz-Type is already set. You can then do
> authorize{
> preprocess
> suffix
> files
Autz-Type LDAP1 {
interface1
}
Autz-Type LDAP2 {
interface2
}
Autz-Type LDAP3 {
interface3
}
> }
That should work, I did a very similar thing just last week :-)
Greetings,
Stefan Winter
--
Stefan WINTER
Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de
la Recherche
Ingenieur Forschung & Entwicklung
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg
E-Mail: stefan.winter at restena.lu Tel.: +352 424409-1
http://www.restena.lu Fax: +352 422473
More information about the Freeradius-Users
mailing list