can policy.conf be used to create an access control list
michael lamborn
spock41757 at yahoo.com
Fri May 6 09:14:51 CEST 2011
Hi,
I am using version freeRadius 1.1.7. I am trying to create an access control
list via radius, to prevent specific PC's/locations from accessing my network.
Please see my policy.conf example below. My freeRadius server keeps sending an
access-accept, when I try to login in from my office as a test, which has the IP
address 10.2.222.35.
I don't understand why the server is allowing the login. It seems logical to me
the way that I have approached an implementation, but I can't find any specific
info from the wiki or in internet searches. So I am not sure if I am still
misconfigured or if it just doesn't work for some other reason.
Thanks,
Mike
In policy.conf, I have the following, but it doesn't have any affect ( I do have
'$INCLUDE ${confdir}/policy.conf' in my radiusd.conf file):
policy {
forbid_login_ip_hosts {
%{request:Login-IP-Host} =~ /^10.2./ {
reject
}
}
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20110506/271de865/attachment.html>
More information about the Freeradius-Users
mailing list