Marcin Jessa wrote:

Hi.

This can be done with hungroups or realms.
I use RouterOS as my NAS which has a Mikrotik-Realm Attribute. If user's Mikrotik-Realm stored in radcheck differs from the one configured on the NAS, the user gets rejected.
This way each user can have separate realm value stored in SQL matching the realm of the NAS.


So.. how would that work in a situation as follows:

Realms:
   Local = myisp
   Roaming = globalisp
Usergroups:
   Default = dynamic
   Roaming =  roaming

Now these are the rules .. in simple if statements

if (realm == myisp)
{
   if (usergroup == dynamic)
   {
       auth-type = accept;
   } else if (usergroup == roaming)
   {
       auth-type = reject;
   }
} else if (realm == globalisp)
{
   if (usergroup == dynamic || usergroup == roaming)
   {
       auth-type = accept;
   }
}

So how then do I specify that which NAS is in which realm?

- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to