Remote IP Authentication
Barny Ritchley
barnyritchley at hotmail.com
Thu Jun 11 10:16:10 CEST 2009
I did do that, but if i add Auth-Type := Accept, i still want to validate the IP sent in h323-remote-address. Also, i will want to want to run a couple of SQL queries which also determine whether or not the user should be authenticated. Is it possible to get radius to authenticate a user against a custom script?
Thanks
> Date: Thu, 11 Jun 2009 00:01:09 +0100
> Subject: Re: Remote IP Authentication
> From: tnt at kalik.net
> To: barnyritchley at technologist.com; freeradius-users at lists.freeradius.org
>
> > I cant find any info on the Cisco-compatible Remote IP authentication
> > method.
> >
> > I have looked everywhere and cannot see how to authenticate by
> > h323-remote-address to freeradius.
> >
> >
> >
> > The Radius Request looks like:
> >
> >
> >
> > User-Name = '2001'
> > Calling-Station-Id = '2001'
> > Called-Station-Id = '012356789'
> > h323-remote-address = '172.101.91.1
> >
>
> That's it? No password?
>
> >
> > i want to check against the h323-remote-address. If it is an ip which is
> > stored against a username, then the authentication should be successful.
> >
> >
> >
> > i am using MySQL and i tried adding this to the radcheck table:
> >
> >
> >
> > attribute: h323-remote-address
> >
> > op: ==
> >
> > value: 172.101.91.1
> >
>
> That's like mac authentication with no password then. Add Auth-Type :=
> Accept to radcheck for the same user.
>
> Ivan Kalik
> Kalik Informatika ISP
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090611/ab15c6b8/attachment.html>
More information about the Freeradius-Users
mailing list