user-group for rejected users

Alan DeKok aland at
Fri Dec 3 09:19:29 CET 2010

Fabricio Viana wrote:
> Let´s suppose the following situations:
> 1) User exists but the password is wrong
> 2) User does not exist
> In both cases the answer is REJECT.
> It happens that certain hardware is making endless attempts that
> eventually saturating the server.

  See "reject_delay" in radiusd.conf.  It's intended to slow down broken

> - It is possible to cause the server, instead of rejecting the users,
> accept the login but responds ACCEPT with "framed-pool = pool-block" ?

  Sure.  Just configure that....

> - Is there any way to put REJECT users in a given group by default?

  See the FAQ.

  Alan DeKok.

More information about the Freeradius-Users mailing list