Radius users state
tnt at kalik.net
tnt at kalik.net
Tue Sep 16 12:15:13 CEST 2008
First a few basic things. Are you using a very old version of the server?
If you are, unlang is not going to work. If you are not, don't use
Auth-Type Local and User-Password but Cleartext-Password as per
instructions in users file.
You can't pass priv level in Reply-Message. You need to consult your NAS
documentation to see how it's done. It's usually passed in vendor
specific attributes like Cisco avpairs.
>/ets/raddb/users have first entry for each user with correct passwd,
>followed by wrong passwd(kept it as regular expression *)
>
>xyz Auth-Type := Local , User-password = "xyz"
> Reply-Message = "successfull level(2)."
>
>xyz Auth-Type := Reject , User-password =~ "*"
> Reply-Message = "Invalid passwd for xyz(level 2)."
>
You don't need regexp there. If user entries with passwords weren't
matched it means that password is - wrong. No need to check for that.
Ivan Kalik
Kalik Informatika ISP
More information about the Freeradius-Users
mailing list