Configuration doubt
tnt at kalik.co.yu
tnt at kalik.co.yu
Thu Jul 12 20:59:20 CEST 2007
You can use huntgroups:
nasA NAS-IP-Address == aaa.aaa.aaa.aaa
User-Name = jane,
User-Name = peter
nasB NAS-IP-Address == bbb.bbb.bbb.bbb
User-Name = john,
User-Name = peter
nasC NAS-IP-Address == ccc.ccc.ccc.ccc
User-Name = john,
User-Name = peter
nasD NAS-IP-Address == ddd.ddd.ddd.ddd
User-Name = george,
User-Name = peter
John can use B and C, Jane only A, George only D while Peter can use them
all. If John tries to connect to A he will be rejected even if his
credentials (user/pass) are correct. This also works with (SQL, Ldap)
groups. This doesn't scale very well. It's a quick and easy solution
for a small number of devices and users (groups).
Ivan Kalik
Kalik Informatika ISP
Dana 12/7/2007, "Thiago Drechsel" <thiago.drechsel at gmail.com> piše:
>Hi all.
>
>I'm new with freeradius. I'd like some help to configure my Radius server,
>in order to acomplish the following task:
>
>I have a radius server, called "R". This radius authenticates users wha want
>to access our lab equipments, called A, B, C, D and etc.
>
>
>I want to restrict access to these equipments to some users, using radius.
>For example, user "john" only can access equipments B and C, but can't
>access equipments A and D.
>
>Can anyone help me with this task?
>
>
>Thanks in advance
>
>Thiago
>
>
More information about the Freeradius-Users
mailing list