(RADIATOR) NAS-Port Check Item

Hugh Irvine hugh at open.com.au
Wed Dec 10 03:47:28 CST 2003 

Hello MunFai -

Your AuthBy SQL clause(s) will need an additional check item for the 
NAS-Port.

Something like this:

	<AuthBy SQL>
		.....
		AuthSelect select password, nasport from subscribers \
			where username=%0
		AuthColumnDef 0, Password, check
		AuthColumnDef 1, NAS-Port, check
		.....
	</AuthBy>

See section 6.28 in the Radiator 3.7.1 reference manual 
("doc/ref.html").

regards

Hugh


On 10/12/2003, at 5:28 PM, MunFai wrote:

> Hi Hugh,
>
> Every single user trying to log in must only connect through a 
> specified NAS-Port. I have three different AuthBy SQL clauses to 
> handle different user types, and a single Realm clause which steps 
> through the 3 AuthBy clauses.
>
> I realise that I can actually do something like <Handle NAS-Port=xxxx> 
> to only allow logins through NAS-Port xxx, but is there a more elegant 
> solution than this?
>
> Regards,
> Mun Fai
>
>
> Hugh Irvine wrote:
>
>>
>> Hello MunFai -
>>
>> If you want to do this on a per-user basis, you will need to add a 
>> check item like this:
>>
>> someuser        Password = xxxxxxx, Nas-Port = nnn
>>
>> The details depend on how your configuration is set up and the AuthBy 
>> clause you are using.
>>
>> regards
>>
>> Hugh
>>
>>
>> On 10/12/2003, at 2:57 PM, MunFai wrote:
>>
>>> I have a newbie question...
>>>
>>> I am trying to limit logins to only a certain NAS port. From the 
>>> documentation I understand that this is possible with the use of the 
>>> check item NAS-Port. Now, where do I put this in the configuration 
>>> file? I've tried to define it under <Realm>, <Handler> and even 
>>> <AuthBy SQL>, but I keep getting an 'Unknown keyword 'NAS-Port' 
>>> error. NAS-Port is in defined in my dictionary file as:
>>>
>>> ATTRIBUTE       NAS-Port                        5       integer
>>>
>>>
>>> Heeelllp! Thanks...
>>>
>>>
>>> ===
>>> Archive at http://www.open.com.au/archives/radiator/
>>> Announcements on radiator-announce at open.com.au
>>> To unsubscribe, email 'majordomo at open.com.au' with
>>> 'unsubscribe radiator' in the body of the message.
>>>
>>>
>>
>> NB: have you included a copy of your configuration file (no secrets),
>> together with a trace 4 debug showing what is happening?
>>
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list