NAS-IP-Address groupcheck item
Jeff Crowe
listacct at genhex.net
Thu Dec 27 18:24:58 CET 2007
On Dec 27, 2007 3:28 PM, Jeff Crowe <listacct at genhex.net> wrote:
Hi all,
I am trying to deny a user from logging in through a couple of nas I have on
my network. I am using freeradius 1.1.3 with mysql.
In my table radgroupcheck, I have added
Groupname Attribute Op Value
Dial-Up NAS-IP-Address != 1.1.1.1
Dial-Up NAS-IP-Address != 2.2.2.2
The SQL check always seems to return the last value of 2.2.2.2 and never
compare against the 1.1.1.1. If my user is connecting to 1.1.1.1 , they
will
authenticate and be allowed online.
Can someone please point me in the correct direction to allow me to define
multiple nas servers that I can deny authentication from?
Thanks and happy holidays
Jeff
Try to add it like this:
Dial-Up NAS-IP-Address !~ (1.1.1.1|2.2.2.2)
Kind regards
Y.
Hi Yves,
thank you very much - it works perfectly.
Regards,
Jeff.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20071227/9991cdcb/attachment.html>
More information about the Freeradius-Users
mailing list