(RADIATOR) radius RAS communication
kihara Muriithi
wmuriithi at afsat-af.com
Tue Feb 20 08:39:22 CST 2007
Hi all
I have an equipment that can only do two level authorization, touch and
look. I am writing to the group to seek help on what need to be done on
radiator for such a setup to work.
This is what the equipment expect from radius, a name, password and an
attribute touch or look. To fulfill this, I have used the field
"description" to hold the touch and look phrases at the ldap end and
push them to radiator using
"AuthAttrDef description,packeteeraccess,reply" statement. From the
logs, ldap radiator communication seems fine.
I have then a group GroupMemberAttr packeteeraccess, to separate the
two groups and finally, I have a "AuthorizeGroup touch permit .*". I
really don't think this is necessary, but it can't also do any harm. Now
with this simple configuration, what does my NAS see? The logs don'
reveal this, unless I am misreading the file. What changes do I need to
insert on my radiator configuration to ensure the three tuples, user
name, password and "touch or look" is availed to my NAS, a packeteer?
Please advice
William
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list