One user - Different Service Type depending on NAS

tnt at kalik.net tnt at kalik.net
Mon Oct 13 11:15:41 CEST 2008


username   NAS-IP-Address (or Packet-Src-IP-Address) == whatever
                   Service-Type = whichever

Create huntgroups and use Huntgroup-Name for groups of devices.

Ivan Kalik
Kalik Informatika ISP



Dana 13/10/2008, "Mats Blomgren B" <mats.b.blomgren at ericsson.com> piše:

>Hi,
>
>I have about 6 people working with Network Administration.
>
>3 of the users should have full access (read/write) to the network (94
>Extreme Switches). This is straight forward.
>The other 3 should have read/write to about 80 switches and read only to
>the last 14.
>
>I understand that I can group devices in huntgroups and users in groups
>and then control the access.
>
>The problem I have is that I don't know how to give a certain user a
>specific "Service-Type" depending on the NAS he/she tries to connect to.
>I want the Service Type do differ for certain users depending on the
>NAS.
>Admin should always have read/write access to all switches and the
>others should have "read" on some switches and "read/write" on some.
>
>The Service type for Extreme Switches are as follows:
>Service-Type = Login-User (Read Only)
>Service-Type = Administrative-User  (Read/Write)
>
>Best Regards
>
>Mats Blomgren
>
>




More information about the Freeradius-Users mailing list