freeradius and Cisco VPN IPSEC profiles authentication
Phil Mayers
p.mayers at imperial.ac.uk
Thu Nov 4 17:02:14 CET 2010
On 04/11/10 15:52, Jevos, Peter wrote:
>>
>
> Dear Phil , thank you ,
> I removed Fall through parameter, it works partially, when user comes
> from the address 10.1.1.252 and Tunnel-Private-Group-ID is not Group1,
> it takes the Auth-Type := ntlm_auth_vpn ( which is wrong ), and not
> Auth-Type := vpn_auth_name.
> Therefore there must be two conditions, one is NAS-IP-Address, second is
> PVT-Group
So, match both fields.
Have you read the docs - specifically "man users"
You want something like:
DEFAULT Auth-Type := x, Service-Type == a, Tunnel-Private-Group-Id == b
Reply-Var-1 = ...
Note: ALL the conditions must be on the 1st line
More information about the Freeradius-Users
mailing list