denying access to user from device
Rob Shepherd
rob at techniumcast.com
Thu Sep 14 18:48:35 CEST 2006
Rob Shepherd wrote:
> Dear freeradiuseers,
>
> I have my wireless network working great... PEAP supplicants are
> authenticated from either LDAP or MySQL and the appropriate
> Tunnel-Private-Group-ID is set to allocate the correct vlan.
>
> I also have a cisco VPN concentrator. I must only allow ldap users to
> authenticate to this. mysql users mustn't get a look in...
>
> I tried making a huntgroup in raddb/huntgroups...
>
> ciscovpnc NAS-IP-Address == 10.1.33.4
>
> then in raddb/users...
>
> DEFAULT HuntGroup-Name == ciscovpnc
> Autz-Type = ldap
>
> however sql is still checked.
>
> Could some body shove me in the right direction..
>
> Cheers
>
> Rob
>
>
>
>
TYPO!
DEFAULT HuntGroup-Name == ciscovpnc
Autz-Type := ldap
...is how it looks in raddb/user.
Oh, and I tried various combos of
Autz-Type ldap{
ldap
}
in authorize{ too. No joy.
Thanks IA
Rob
--
Rob Shepherd | Computer and Network Engineer | Technium CAST | LL57 4HJ
rob at techniumcast.com | 01248 675024 | 077988 72480
More information about the Freeradius-Users
mailing list