Sql radgroupcheck match airespace-wlan-id
Paolo Barbato
paolo.barbato at igi.cnr.it
Mon May 14 11:00:01 CEST 2012
I suppose to have sort out this……but
I want reject user "paolo" when coming from airespace-wlan-id = 5
radcheck
9 paolo Expiration := 15 May 2012
8 paolo Cleartext-Password := paolo
radusergroup
paolo rfxguest 0
radgroupcheck
4 rfxguest Airespace-Wlan-Id := 5
radgoupreply
1 rfxguest Auth-Type := Reject
radius -X ….
Module: Instantiating module "sql" from file /usr/local/etc/raddb/sql.conf
sql {
driver = "rlm_sql_mysql"
server = "localhost"
port = ""
login = "radius"
password = "xxxxxx"
radius_db = "radius"
read_groups = yes
sqltrace = no
sqltracefile = "/usr/local/var/log/radius/sqltrace.sql"
readclients = no
deletestalesessions = yes
num_sql_socks = 5
lifetime = 0
max_queries = 0
sql_user_name = "%{User-Name}"
…..
[peap] Using saved attributes from the original Access-Accept
Auth-Type := Reject
Session-Timeout = 48445
User-Name = "paolo"
[eap] Freeing handler
++[eap] returns ok
Login OK: [paolo] (from client private-network-1 port 1 cli 00-24-36-b6-3a-22)
EAP-PEAP tunnel reply attribute return Auth-Type = Reject
but paolo is authenticated.
Any details to look into to debug this ?
Thanks fro any reply,
Paolo.
------------------------------------------------------------------------------------------------
Paolo Barbato
Consorzio RFX
corso Stati Uniti,4
35127 Padova - Italy
Network Administrator
phone: +39 049 8295097 fax: +39 049 8700718
------------------------------------------------------------------------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120514/4a46b5bf/attachment.html>
More information about the Freeradius-Users
mailing list