Marcin Jessa wrote:
Hi.
This can be done with hungroups or realms.
I use RouterOS as my NAS which has a Mikrotik-Realm Attribute. If user's Mikrotik-Realm stored in radcheck differs from the one configured on the NAS, the user gets rejected.
This way each user can have separate realm value stored in SQL matching the realm of the NAS.
So.. how would that work in a situation as follows:
Realms: Local = myisp Roaming = globalisp Usergroups: Default = dynamic Roaming = roaming
Now these are the rules .. in simple if statements
if (realm == myisp) { if (usergroup == dynamic) { auth-type = accept; } else if (usergroup == roaming) { auth-type = reject; } } else if (realm == globalisp) { if (usergroup == dynamic || usergroup == roaming) { auth-type = accept; } }
So how then do I specify that which NAS is in which realm?
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html