Hello,
I have two remote access systems that I want to use with freeradius.
One is a VPN-concentrator (Cisco PIX), the other an old-fashioned dialin-system (MAX2000)
The users that can use the VPN-concentrators MUST have a RSA token. The Dialin user, if they have a token, must use that, but if they do not, then NT-domain authentication is also sufficient.
I got all the stuff working, witjh regard to the authentication: (is use pam authentication for both Rsa and NT-domain)
But now I want to do the following:
Specialuser Auth-Type:=PAM, Pam-type="rsa"
....
....
Fall-Through = yes
DEFAULT Auth-Type:=PAM, Pam-type := "rsa"
Service-Type = Framed-User,
Framed-Protocol = PPP,
Ascend-Assign-IP-Pool = 3,
Framed-Netmask = 255.255.255.255,
....
Fall-Through = yes
DEFAULT NAS-IP-Address==5.6.7.8, Auth-Type:=PAM, Pam-type := "nt-domain"
Service-Type = Framed-User,
Framed-Protocol = PPP,
Ascend-Assign-IP-Pool = 3,
Framed-Netmask = 255.255.255.255,
....
Fall-Through = yes
So all users that have a token are allowed,
And only on the dial-system (5.6.7.8) you are also allowed with a NT password)
But when I tried this, the NAS-IP-Address doesn't seem to work.
I tried al my testing with the radtest utility !!
Rene Doove
