prevent roaming configuration question

James Wakefield jamesw at
Mon Oct 2 01:30:37 CEST 2006

isidoros wrote:
> Goal:
> users X,Y,Z should only be authenticated on NAS1 and not on NAS2 or any 
> other nas
> users A,B,C should only be authenticated on NAS2 and not on NAS1 or any 
> other nas
> etc


You'll probably want users X,Y,Z mapped to one group (let's say, G1), 
and A,B,C mapped to another (let's say, G2) in your usergroup table. 
You can then use NAS-IP-Address as a check item in radgroupcheck to 
authorize only G1 from NAS1's IP address, and authorize only G2 from 
NAS2's IP address.  You shouldn't have to touch any of the SQL queries 
in sql.conf. should provide the info you need to 
do the above.

James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.

Phone: 03 5227 8690 International: +61 3 5227 8690
Fax:   03 5227 8866 International: +61 3 5227 8866
E-mail:   james.wakefield at

More information about the Freeradius-Users mailing list