At 05:55 PM 5/22/2002 -0700, Florin Andrei wrote:
>I see in the Cisco PIX documentation that the PIX firewall supports
>downloadable ACLs: instead of storing them on the PIX and pass the ACL
>ID from RADIUS, you can download them by request.
>
>Is this something doable with FreeRadius?
Yes, the way that Cisco ( and others like Lucent/Ascend ) do it is to
have a users entry where the username is some format like 'nas-filt' and
the password is set.
The reply items contain the filter rules. You'd have to get the username
format used, and the syntax for the filter rules from the NAS ( PIX )
documentation.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless! \ Director, Engineering
| @ @ | \ http://www.starnetwx.net \ (847) 963-0116
oOo---(_)---oOo--\------------------------------------------------------
\ Wholesale Internet Services - http://www.megapop.net
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
