At 05:55 PM 5/22/2002 -0700, Florin Andrei wrote: >I see in the Cisco PIX documentation that the PIX firewall supports >downloadable ACLs: instead of storing them on the PIX and pass the ACL >ID from RADIUS, you can download them by request. > >Is this something doable with FreeRadius?
Yes, the way that Cisco ( and others like Lucent/Ascend ) do it is to have a users entry where the username is some format like 'nas-filt' and the password is set. The reply items contain the filter rules. You'd have to get the username format used, and the syntax for the filter rules from the NAS ( PIX ) documentation. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless! \ Director, Engineering | @ @ | \ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\------------------------------------------------------ \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html