How to Restrict All Users from Certain APs
White III, Joe
Joe.White at arvatousa.com
Wed Jan 25 22:37:19 CET 2012
> Generally, you can only do this is if the requests from those "certain
> APs" have something which distinguishes them. Then you can match on this
> in the users file [using 'DEFAULT'] and set Auth-Type to Reject.
If I have three access points I don't want users to access, can I do something like below?
+-----+------------------+----------------+-------+-------+-----------+
| id | nasname | shortname | type | ports | secret |
+-----+------------------+----------------+-------+-------+-----------+
| 136 | 172.18.100.8 | ap-2000-cd6 | other | NULL | letmelook |
| 11 | 172.18.100.4 | ap2000-cd-2 | other | NULL | letmelook |
| 10 | 172.18.100.5 | ap2000-cd-3 | other | NULL | letmelook |
DEFAULT shortname == ap-2000-cd6, Auth-type := reject,
Fall-Through = yes
DEFAULT shortname == ap2000-cd-2, Auth-type := reject
Fall-Through = yes
DEFAULT shortname == ap2000-cd-3, Auth-type := reject
Joe White
________________________________
System Administrator @ Arvato Digital Services @ 108 Monticello Rd, Weaverville, NC 28787 @ 828-423-0269
More information about the Freeradius-Users
mailing list