How to Restrict All Users from Certain APs

James J J Hooper jjj.hooper at bristol.ac.uk
Wed Jan 25 22:01:44 CET 2012


On 25/01/2012 20:35, White III, Joe wrote:
>
> I'm running Freeradius 1.0.1 using MySQL as the database backend.
>
> I need to configure the server so that all users are restricted from using certain access points (i.e. guest network).  It appears I need to use a DEFAULT user definition in the users file, but I can't find any examples to work from.
>
> Has someone else done this?  If so, I'd give anything to see how you did it.

Generally, you can only do this is if the requests from those "certain 
APs" have something which distinguishes them. Then you can match on this 
in the users file [using 'DEFAULT'] and set Auth-Type to Reject.

Something like as documented!:
https://github.com/alandekok/freeradius-server/blob/master/raddb/users

If you are really still using 1.0.1 (Sept 2004!?), please do upgrade. 
Apart from the technical/security aspects, the current published 
documentation will apply ;)

-James






More information about the Freeradius-Users mailing list