NAS-IP-Address groupcheck item

Jeff Crowe listacct at
Thu Dec 27 18:24:58 CET 2007


On Dec 27, 2007 3:28 PM, Jeff Crowe <listacct at> wrote:

Hi all,

I am trying to deny a user from logging in through a couple of nas I have on
my network.  I am using freeradius 1.1.3 with mysql.

In my table radgroupcheck, I have added

Groupname   Attribute     Op  Value 
Dial-Up    NAS-IP-Address !=
Dial-Up    NAS-IP-Address !=

The SQL check always seems to return the last value of and never
compare against the  If my user is connecting to , they
authenticate and be allowed online.

Can someone please point me in the correct direction to allow me to define
multiple nas servers that I can deny authentication from?

Thanks and happy holidays 



Try to add it like this: 
Dial-Up   NAS-IP-Address !~ (|

Kind regards

Hi Yves,
thank you very much - it works perfectly.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Freeradius-Users mailing list