[RADIATOR] Authorization groups according to NAS
Heikki Vatiainen
hvn at open.com.au
Thu Nov 22 01:54:32 CST 2012
On 11/21/2012 10:56 AM, Murat Bilal wrote:
> For Ex : group 1 and group 2 can authorize only NAS x.x.x.x
>
> Group3,group4 authorize only NAS y.y.y.y but not NAS x.x.x.x
> Can it be done from radmin or radiator?
Most likely: yes. The best way depends on how exactly users and groups
are defined. Here is one method:
Assumption: User can belong only to one group.
Solution: Set NAS-IP-Address as user check item. If there are multiple
possible NASes, defined them as: 1.2.3.4|2.3.4.5|3.4.5.6
This restricts the user to said NASes.
Thanks,
Heikki
--
Heikki Vatiainen <hvn at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
More information about the radiator
mailing list