Date: Wed, 2 Aug 2000 18:41:19 +0200 From: "Dave Wilson" <davew@sai.co.za> To: <freebsd-isp@FreeBSD.ORG> Subject: USR radius filter attributes for email only clients Message-ID: <01f601bffca0$7e432600$112821c4@sai.co.za>
index | next in thread | raw e-mail
[-- Attachment #1 --]
Hi Guys, howzit going?
I'm trying to limit our dial-up users to only accessing our mailserver and no other hosts.
I'm using Cistron radiusd to authenticate users dialing in to a USR Total Control Rack and have specified the following in my "users" file:
username Auth-Type = System
Service-Type = Framed-User,
Framed-MTU = 1500,
Framed-Filter-Id = "mailonly",
Fall-Through = Yes
With regards to the "Framed-Filter-Id = "mailonly"" line I have read that a file must exist in the same folder as the "users" file, with a name "mailonly".
So in the "mailonly" file I have put the following:
USR-PW_USR_OFilter_IP = "mymailserverIP"
USR-PW_USR_IFilter_IP = "mymailserverIP"
What happens is that the user dials in authenticates and then is disconnected about 2 seconds afterwards.
I have looked at the radius logs and it says "login OK"
Has anyone else out there set up IP filtering with a USR Total Control Rack, running Cistron radiusd or any other radiusd ?
Please help if you can, I can't seem to find any documentation anywhere on IP filtering with USR radius attributes.
Thanks. ;-)
Regards
Dave Wilson
The S.A. Internet
(033) 3456777
0825496159
http://www.sai.co.za
"Who is General Failure and why is he reading my hard drive ?"
[-- Attachment #2 --]
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 5.50.4134.600" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face="Comic Sans MS" size=2>Hi Guys, howzit going?</FONT></DIV>
<DIV><FONT face="Comic Sans MS" size=2></FONT> </DIV>
<DIV><FONT face="Comic Sans MS" size=2>I'm trying to limit our dial-up users to
only accessing our mailserver and no other hosts.</FONT></DIV>
<DIV><FONT face="Comic Sans MS" size=2>I'm using Cistron radiusd to authenticate
users dialing in to a USR Total Control Rack and have specified the following in
my "users" file:</FONT></DIV>
<DIV><FONT face="Comic Sans MS" size=2><FONT face="Comic Sans MS"
size=2></FONT></FONT> </DIV>
<DIV><FONT face="Comic Sans MS" size=2><FONT face="Times New Roman"
size=3>username Auth-Type =
System<BR>
Service-Type =
Framed-User,<BR>
Framed-MTU =
1500,<BR>
Framed-Filter-Id =
"mailonly",<BR>
Fall-Through = Yes</FONT><BR></DIV></FONT>
<DIV><FONT face="Comic Sans MS" size=2>With regards to the <FONT
face="Times New Roman" size=3>"Framed-Filter-Id = "mailonly"" line I have
read that a file must exist in the same folder as the "users" file, with a name
"mailonly".</FONT></FONT></DIV>
<DIV>So in the "mailonly" file I have put the following:</DIV>
<DIV><FONT face="Comic Sans MS" size=2></FONT> </DIV>
<DIV>USR-PW_USR_OFilter_IP = "mymailserverIP"<BR>USR-PW_USR_IFilter_IP =
"mymailserverIP"<BR></DIV>
<DIV><FONT face="Comic Sans MS" size=2>What happens is that the user dials in
authenticates and then is disconnected about 2 seconds afterwards.</FONT></DIV>
<DIV><FONT face="Comic Sans MS" size=2>I have looked at the radius logs and it
says "login OK"</FONT></DIV>
<DIV><FONT face="Comic Sans MS" size=2></FONT> </DIV>
<DIV><FONT face="Comic Sans MS" size=2>Has anyone else out there set up IP
filtering with a USR Total Control Rack, running Cistron radiusd or any other
radiusd ?</FONT></DIV>
<DIV><FONT face="Comic Sans MS" size=2></FONT> </DIV>
<DIV><FONT face="Comic Sans MS" size=2>Please help if you can, I can't seem to
find any documentation anywhere on IP filtering with USR radius
attributes.</FONT></DIV>
<DIV><FONT face="Comic Sans MS" size=2>Thanks. ;-)</FONT></DIV>
<DIV><FONT face="Comic Sans MS" size=2></FONT> </DIV>
<DIV><FONT face="Comic Sans MS" size=2></FONT><BR></DIV>
<DIV><FONT face="Comic Sans MS" size=2>Regards<BR>Dave Wilson<BR>The S.A.
Internet<BR>(033) 3456777<BR>0825496159<BR><A
href="http://www.sai.co.za">http://www.sai.co.za</A><BR> "Who is General
Failure and why is he reading my hard drive ?"<BR></DIV></FONT></BODY></HTML>
home |
help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01f601bffca0$7e432600$112821c4>