How not to proxy?

Leighton Man l.j.man at hud.ac.uk
Fri Dec 18 11:19:09 CET 2009


Hi,

I am authenticating users on cisco switches (telnet or console access) amongst others.
In sites-enabled/default, after pap, I have:

if(!control:Auth-Type && (request:NAS-Port-Type == Virtual || request:NAS-Port-Type == Async) && ldap_staff-Ldap-Group == correctADgroup) {
     update control {
          Auth-Type = "ntlm_auth"
     }
     update reply {
        cisco-avpair = shell:priv-lvl=15
     }
}

If I enter "user at realm" rather than just "user" then the request is proxied to the servers for the default realm. What is the best way to prevent proxying for just these users whilst allowing it for all others?
A pointer to the relevant docs would be much appreciated.
Thanks in advance,

Leighton


---
This transmission is confidential and may be legally privileged. If you receive it in error, please notify us immediately by e-mail and remove it from your system. If the content of this e-mail does not relate to the business of the University of Huddersfield, then we do not endorse it and will accept no liability.




More information about the Freeradius-Users mailing list