Thomas Keitel <[EMAIL PROTECTED]> wrote: > Is there an FAQ or doc that references how to use freeradius with > routers?
I don't think so. But if the router speaks RADIUS, then it doesn't matter if it's a router, a NAS, or a desktop box. It's just a RADIUS client. > In particular, I am looking for a way to use freeradius to > control enable access on a foundry switch. Right now, if I set up the > foundry to use radius to authenticate the enable command, any user who > can authenticate via radius can enable. I would like to have two groups > of users: 1 group that can login but not enable and 1 group that can > login and enable. RADIUS doesn't have the concept of groups, but Unix does. You can use Unix groups in the server. > I guess I am also hoping to get radiusd to auth/reject > based on specific attribute strings that are passed when the auth > request is made. Uh, yes. That's what it's for. See 'raddb/users' Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html