In radgroupcheck set up something like this:
+----+-------------+------------------+----+-------------+
| id | GroupName | Attribute | op | Value |
+----+-------------+------------------+----+-------------+
| 1 | restricted | Called-Station-ID | == | 1112223333 |
| 2 | restricted | Auth-Type | := |
reject |
+----+-------------+------------------+----+-------------+
The thing a lot of people mess up is they don't realize Auth-Type :=
reject needs to go in radgroupcheck not radgroupreply.
Then in usergroup try this for each user you want to set this
restriction for:
+--------+-------------+---------------+
| id | UserName | GroupName |
+--------+-------------+---------------+
| 39747 | <user> | restricted |
+--------+-------------+---------------+
That should do it.
Chris Carver
Pennswoods.Net
Network Engineer
Mike Jakubik wrote:
Christopher Carver wrote:
In the users file you could have a line...
DEFAULT Called-Station-ID == 1112223333, Auth-Type := Reject
As i mentioned, i need to do this in the sql database and for each
group. Adding the Called-Station-ID to radgroupcheck results in the
following error:
Thu May 18 16:39:13 2006 : Info: rlm_sql (sql): No matching entry in
the database for request from user [xxx]
Thu May 18 16:39:13 2006 : Auth: Login incorrect: [xxx/xxx] (from
client xxx port 1485 cli xxx)
- List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html