Allowing user from one realm but not another

Alan DeKok aland at
Sun Feb 14 08:42:57 CET 2010

Jeff A wrote:
> I have three different realms users can login with
> For examples they are (,,

  Are all users valid on all realms?  If so, why?

> Say billy at <mailto:billy at> has abused the realm
> now I need him solely on the and disallowing the other two
> realms. In other words reject him before if he trys to use the old realm
> again. In other words I want to allow only billy to use this one new
> realm and be rejected if he trys another realm.

  Then you need a rule specifically for that user.

> This has to take place I figure in preproxy, cause my users file is
> authenticated minus the realm in proxy..

  You can still access the "Realm" attribute in the "users" file:

bob	Realm != "", Auth-Type := Reject

  Alan DeKok.

More information about the Freeradius-Users mailing list