freeradius and Cisco VPN IPSEC profiles authentication

Alan DeKok aland at
Thu Nov 11 12:53:09 CET 2010

Jevos, Peter wrote:

  First, edit your posts to delete unneeded text.  Repeating all of the
message you're replying to is unfriendly.

> I agree with you , regarding the logic "when the packet looks like X, choose A. When it looks like Y, choose B"
> I sit possible to apply it ? Which files should be affected ?

  See "man unlang".  Put the logic into raddb/sites-available/default,
the "authorize" section.

> The point is that I'm missing packet workflow in the freeradius, during its processing ( something like has postfix : )

  See doc/aaa.rst (or doc/aaa.txt, depending on the FR version)

> It means so I have no idea what files should be changed, therefore I thought that users file solves everything

  Uh... read the debug output, and look at the files in the "raddb"
directory.  The directory has more than *one* file.  This should be a
hint that the "users" file doesn't solve everything.

  Alan DeKok.

More information about the Freeradius-Users mailing list