Rejecting realms based on calling client
David Aldwinckle
daldwinc at uwaterloo.ca
Tue Aug 13 15:04:07 CEST 2013
Hello,
I have two clients that proxy access requests to me. The realm varies, but the format is always userid at realm.whatever<mailto:userid at realm.whatever>
Is there a way that I can deny a specific realm when an access request is received from a specific client?
I tried adding something to policy.conf but I couldn't get the syntax right:
#Prevent secretrealm from logging in off-campus
remote_secret_reject
if ("%{Realm}" == "secretrealm.ca") && ((Client-Shortname == "proxy-client1") || (Client-Shortname == "proxy-client2"))) {
reject
}
Is there a different way that I should be doing this?
Thanks,
Dave
Dave Aldwinckle
Network Support Specialist
Information Systems and Technology
Phone: (519)-888-4567 ext. 31145
E-Mail: daldwinc at uwaterloo.ca<mailto:daldwinc at uwaterloo.ca>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20130813/40e0a658/attachment.html>
More information about the Freeradius-Users
mailing list