I have install freeradius 0.7.1 on slackware 8.0 with shadow password Installation was ok and basic functions are working. I have experience problems wen i try to deny access to one of the groups on the radius server Following instruction did not help. I try : DEFAULT Group == "users" , Auth-Type :=Reject DEFAULT Group == users , Auth-Type :=Reject DEFAULT Group == "users" , Auth-Type =Reject DEFAULT Group == users , Auth-Type =Reject And more before: DEFAULT Auth-Type := System but nothing work. User marcin , group users was always able to authenticate. This is a debug of the auth process:
rad_recv: Access-Request packet from host 216.168.1.38:4751, id=131, length=81 NAS-IP-Address = 216.168.1.38 Calling-Station-Id = "204.251.93.250" User-Name = "[EMAIL PROTECTED]" User-Password = "\274\252\2162\275\rS+\305F.\240\007Ia" modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok rlm_realm: Looking up realm hostplus.net for User-Name = "[EMAIL PROTECTED]" rlm_realm: Found realm hostplus.net rlm_realm: Adding Stripped-User-Name = "marcin" rlm_realm: Proxying request from user marcin to realm hostplus.net rlm_realm: Adding Realm = "hostplus.net" rlm_realm: Authentication realm is LOCAL. rlm_realm: auth_port is not set. proxy cancelled modcall[authorize]: module "suffix" returns noop users: Matched DEFAULT at 6 modcall[authorize]: module "files" returns ok modcall: group authorize returns ok rad_check_password: Found Auth-Type System auth: type "System" modcall: entering group authenticate modcall[authenticate]: module "unix" returns ok modcall: group authenticate returns ok Login OK: [[EMAIL PROTECTED]] (from client supernews port 0 cli 204.251.93.250) Sending Access-Accept of id 131 to 216.168.1.38:4751 Finished request 4 Going to the next request And one more thing. Will i be able to limit access based on Called-Station-id ? If so what would be a process to set this up? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html