Restricting access to a NAS
Jonathan De Graeve
Jonathan.De.Graeve at imelda.be
Tue Jan 24 19:45:20 CET 2006
I'm doing this with huntgroups
J.
> -----Oorspronkelijk bericht-----
> Van: freeradius-users-
> bounces+jonathan.de.graeve=imelda.be at lists.freeradius.org
> [mailto:freeradius-users-
> bounces+jonathan.de.graeve=imelda.be at lists.freeradius.org] Namens
Lewis
> Bergman
> Verzonden: dinsdag 24 januari 2006 18:01
> Aan: FreeRadius users mailing list
> Onderwerp: Re: Restricting access to a NAS
>
> Laker Netman wrote:
> > I have a Cisco 3660 router configured for dialup AAA
> > through FR (1.0.5) to access our LAN. I also have the
> > login to the router itself, for admin, authenticating
> > through FR (MySQL backend).
> > The same DB is used for all auth, so currently anyone
> > with a dialup account could also telnet into the
> > router. This leaves only my 'enable' password to
> > prevent problems.
> > I want to configure FR to eliminate this ability for
> > all but a select group of users (admins). There are
> > other devices I would like to add to the list later.
> > I've been looking at huntgroups as the solution, but
> > was unsure how (or if) this could be handled via sql
> > rather than the users file.
> >
> > Is anyone doing this and could provide a sample config
> > layout?
> >
> I am not currently doing this but plan to tackle it by using something
> like a realm of admin when I do get to it. So a user needing admin
privs
> would have to log in like user at admin.user to get access.
>
> --
> Lewis Bergman
> Texas Communications
> 4309 Maple St.
> Abilene, TX 79602-8044
> Off. 325-691-1301
> Cell 325-439-0533
> fax 325-695-6841
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list