howto - reply items depending on check items (diffentet groups for different nas-ip-addresses)
it00x32
thomas.beer at dynabcs.at
Mon Mar 31 11:38:19 CEST 2008
Hi,
Here´s my problem: I need to create some user - group memebr model to
authenticate with Juniper Netscreen firewalls. Lets say i ve 10 users and 10
different customers with Firewalls. Now i need to give user 1 access to
customer 1,2,3 user 2 access to customer 5.7,8 and so on.
My idea is to check that with the NAS-IP-Address as the Check item and the
NS-User-Group as reply item (authorisation is only granted if the reply
NS-User-Group matches the one saved at the netscreen - this works - already
tested!)
so... somebody know how this can be done...?!
i cant use multiple user entries in the users file as only the first is used
.. e.g
User1 Password == "OVID", NAS-IP-Address == "198.204.32.45"
NS-User-Group = "access_gruppe_1"
User1 Password = "OVID", NAS-IP-Address == "88.34.34.2"
NS-User-Group = "access_gruppe_2"
thx for your help!
regards
tom
--
View this message in context: http://www.nabble.com/howto---reply-items-depending-on-check-items-%28diffentet-groups-for-different-nas-ip-addresses%29-tp16392701p16392701.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
More information about the Freeradius-Users
mailing list