|
From: | Hakanson, David J. |
Subject: | [Help-gnu-radius] checking attributes per IP |
Date: | Wed, 4 Sep 2002 17:14:58 -0500 |
I want to setup radius so it will authorize people from a certain IP
based on a specific Radius attribute. So for example, let people in from
10.10.10.1 who have authenticated and have an Attribute named GROUP = 1. We
have several modem pools which require different attributes in order to let
users in. What is the best way to get this done? I haven’t found any
documents in the radius manual to point me to a solution to this problem. The
scenario I wish to setup would be:
Users dialing into 10.10.10.1 need to authenticate as well as have the
STUDENTS=1 attribute set.
Users dialing into 10.10.10.2 need to authenticate as well as have the
FACSTAFF=1 attribute set. My raddb/users file has entries
like: student_username Auth-Type =
Pam, Auth-Data = "">
UMC-AV = “STUDENTS=1” facstaff_username Auth-Type =
Pam, Auth-Data = "">
UMC-AV = “FACSTAFF=1” where UMC-AV is a
string attribute in raddb/dictionary. Any help would
be greatly appreciated. Thanks! David Hakanson address@hidden |
[Prev in Thread] | Current Thread | [Next in Thread] |