From owner-freebsd-isp Mon Apr 20 09:39:01 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id JAA03171 for freebsd-isp-outgoing; Mon, 20 Apr 1998 09:39:01 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from mercury.jorsm.com (mercury.jorsm.com [207.112.128.9]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id QAA02953 for ; Mon, 20 Apr 1998 16:37:57 GMT (envelope-from jeff@mercury.jorsm.com) Received: from localhost (jeff@localhost) by mercury.jorsm.com (8.8.7/8.8.7) with SMTP id LAA17574; Mon, 20 Apr 1998 11:37:09 -0500 (CDT) Date: Mon, 20 Apr 1998 11:37:09 -0500 (CDT) From: Jeff Lynch Reply-To: Jeff Lynch To: joe cc: freebsd-isp@FreeBSD.ORG Subject: Re: multiservice radius In-Reply-To: <002f01bd6c68$81f41ea0$027462d1@speed.thebestisp.com> Message-ID: MIME-Version: 1.0 Content-Type: MULTIPART/ALTERNATIVE; BOUNDARY="----=_NextPart_000_002C_01BD6C3E.9738DBE0" Content-ID: Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. Send mail to mime@docserver.cac.washington.edu for more info. ------=_NextPart_000_002C_01BD6C3E.9738DBE0 Content-Type: TEXT/PLAIN; CHARSET=iso-8859-1 Content-ID: On Mon, 20 Apr 1998, joe wrote: > I know this has been covered before and I have tried using some of the suggestions but have had no success.. we currently run the radius package that came as a package with FreeBSD 2.2.5. the problems are that one person can log in several times and there is no way that I am aware of to limit users to certain services (33.6, 56K, ISDN, DSL) this is beginning to cause a problem as people "SHARE" their password and we have differen price levels for 33.6 and 56K so all someone has to do is find the 56K number pay for a 33.6 and bang they get a discount :( good for them bad for us at any rate this seems simple to me but I have not found a solution any ideas? Thanks. > > joe@thebestisp.com > [ Gak, please wrap your lines at 72 columns or less. And what was in that attachement? Most of us won't take time to look. ] We use Cistron radius. You need a few hacks for the radutmp file on FreeBSD as discussed last month. Check the archives. If your NAS equipment properly sets the NAS-Port-Type attribute for your needs, you can use that as a check item to restrict certain port types to certain users. If you have different phone numbers and different equipment for 33.6 and 56K, you can use cistron's huntgroups feature to restrict connections to specific NAS IPs and ports. However, your 56K equipment is the same as your 33.6K stuff, it will be much harder to do. There was a discussion on USR-TC about limiting connection types to X2/non-X2 but that is a rather tedious setup and IMHO limits the most efficient use of equipment. BTW, Cistron's huntgroups feature allows you to group terminal servers and subsets of ports to provide better control of access priveledges and reply items to do things like assign a static IP if they come in on one huntgroup but not on others, etc... Very nice. ========================================================================= Jeffrey A. Lynch JORSM Internet email: jeff@jorsm.com Northwest Indiana's Full-Service Provider Voice: (219)322-2180 927 Sheffield Avenue, Dyer, IN 46311 Autoresponse: info@jorsm.com http://www.jorsm.com ------=_NextPart_000_002C_01BD6C3E.9738DBE0-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message