prevent roaming configuration question
James Wakefield
jamesw at deakin.edu.au
Mon Oct 2 01:30:37 CEST 2006
isidoros wrote:
>
> Goal:
> users X,Y,Z should only be authenticated on NAS1 and not on NAS2 or any
> other nas
> users A,B,C should only be authenticated on NAS2 and not on NAS1 or any
> other nas
> etc
G'day,
You'll probably want users X,Y,Z mapped to one group (let's say, G1),
and A,B,C mapped to another (let's say, G2) in your usergroup table.
You can then use NAS-IP-Address as a check item in radgroupcheck to
authorize only G1 from NAS1's IP address, and authorize only G2 from
NAS2's IP address. You shouldn't have to touch any of the SQL queries
in sql.conf.
http://wiki.freeradius.org/Rlm_sql should provide the info you need to
do the above.
Cheers,
--
James Wakefield,
Unix Administrator, Information Technology Services Division
Deakin University, Geelong, Victoria 3217 Australia.
Phone: 03 5227 8690 International: +61 3 5227 8690
Fax: 03 5227 8866 International: +61 3 5227 8866
E-mail: james.wakefield at deakin.edu.au
Website: http://www.deakin.edu.au
More information about the Freeradius-Users
mailing list