Locking realm access to a specific huntgroup

Nicolas Baradakis nbk at sitadelle.com
Wed Jun 14 14:23:32 CEST 2006


Jonathan De Graeve wrote:

> I have different NAS and each type of NAS is grouped together in a
> huntgroup.
>
> I need to make an addition to my radius setup to proxy requests with a
> certain realm to a specified server.
>
> Proxying is already working but I want to lock the users using that
> specific realm to a specific huntgroup so that its only possible for
> them to login on predefined NASgroup.

You could try to manually set the "Proxy-To-Realm" variable in the
"users" file instead of using the "realm" module.  For example,
test with something like that:

DEFAULT User-Name =~ "@foo\.net$", Huntgroup-Name == "bar", Proxy-To-Realm := "foo.net"

> Using attr_filter isn't an option since this only filters replys.

The attr_filter module can be used in both pre-proxy and post-proxy
sections.

-- 
Nicolas Baradakis




More information about the Freeradius-Users mailing list