Locking realm access to a specific huntgroup
Nicolas Baradakis
nbk at sitadelle.com
Wed Jun 14 14:23:32 CEST 2006
Jonathan De Graeve wrote:
> I have different NAS and each type of NAS is grouped together in a
> huntgroup.
>
> I need to make an addition to my radius setup to proxy requests with a
> certain realm to a specified server.
>
> Proxying is already working but I want to lock the users using that
> specific realm to a specific huntgroup so that its only possible for
> them to login on predefined NASgroup.
You could try to manually set the "Proxy-To-Realm" variable in the
"users" file instead of using the "realm" module. For example,
test with something like that:
DEFAULT User-Name =~ "@foo\.net$", Huntgroup-Name == "bar", Proxy-To-Realm := "foo.net"
> Using attr_filter isn't an option since this only filters replys.
The attr_filter module can be used in both pre-proxy and post-proxy
sections.
--
Nicolas Baradakis
More information about the Freeradius-Users
mailing list