Date: Tue, 31 Mar 1998 11:23:28 +0200 From: Andreas Klemm <aklemm@hightek.com> To: IBS / Andre Oppermann <andre@pipeline.ch>, Andreas Klemm <aklemm@hightek.com> Cc: freebsd-isp@FreeBSD.ORG Subject: Re: radius, how to enable/diable logins on different type of NAS ? Message-ID: <19980331112328.46108@hightek.com> In-Reply-To: <3520B4CF.81B2DBD3@pipeline.ch>; from IBS / Andre Oppermann on Tue, Mar 31, 1998 at 11:18:07AM %2B0200 References: <19980331111110.62824@hightek.com> <3520B4CF.81B2DBD3@pipeline.ch>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Mar 31, 1998 at 11:18:07AM +0200, IBS / Andre Oppermann wrote: > Andreas Klemm wrote: > > > > Hi ! > > > > I'm using radius as authorization protocol for every kind of > > NAS (network access router). I have two kinds of access servers: > > USR for modem dialin and > > Cisco router for router dialup > > > > Is there a way to define different kind of users within radius config > > like: - "modem" > > - "router" > > and teach every network access server, that he should only accept > > users of type modem or of type router ? > > What type of radiusd are you using (Merit, Livingston,...)? Livingston v 2.0 > But I think that would not be easy with only one radius server. > Try the following thing: create two radius config files, one > with port numbers 1645 (auth) / 1646 (acct) for the normal USR > and one with 1647 (auth) / 1648 (acct) for the cisco routers. > Start two daemons with those ports and different user files and > change the cisco radius ports to the ports above. I wanted to avoid this, but if this would be the only possibility... -- Andreas Klemm <aklemm@hightek.com> http://www.FreeBSD.ORG/~andreas/ <andreas@FreeBSD.ORG> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980331112328.46108>