Reject authentication attempts based on "cli" value?
Alan DeKok
aland at deployingradius.com
Fri Mar 16 01:36:52 CET 2007
Sam Schultz wrote:
> An entry like this in your 'users' file should work:
>
> DEFAULT NASIPAddress =~ "192.168.100.*"
> Auth-Type := Reject
No, it won't work. See the FAQ for examples of setting Auth-Type :=
Reject. See "man users" for documentation on the format of the "users"
file.
The first line of a "users" file entry is where configuration items
like "Auth-Type := Reject" get set. If you put it on the *second* line,
it won't work, and you'll get a message in debugging mode saying you
probably did something wrong.
> I'm not sure '*' is the appropriate regular expression character
> for freeradius,
FreeRADIUS uses normal regular expressions. '*' has its normal meaning.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Users
mailing list