Hi! > Now I am a little confused. > > For user 005001, I not only want to check the Session-Timeout for > accounting, but also want to check its password for authorization. > > Before you tell me the "auth by IP address" method, my conf is like this: > > 005001 Auth-Type := Digest, Password == "005001" > > Now my question is: How can I make radius server to use Password for normal > authorization and then use the "auth by IP address" method for *b2bua > request?
You can use Fall-Through: first the entries with the NAS-IP-Address, but adding a Fall-Through = Yes, and later your other, sepcial, user. Altogether it will look like that: NAS-IP-Address == your-b2bua-ns, Auth-Type := Accept Session-Timeout := whatever, Fall-Through = Yes 005001 Auth-Type := Digest, Password == "005001" All users whose user name is *not* 005001 are caught with the first expression and not with the second. User 005001 is first caught with the first expression, but later overridden with the second one and thus needs to authenticate. Greetings, Stefan Winter -- Stefan WINTER Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche Ingenieur Forschung & Entwicklung 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg E-Mail: [EMAIL PROTECTED] Tel.: +352 424409-1 http://www.restena.lu Fax: +352 422473
pgp6hZxbPRFC7.pgp
Description: PGP signature
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html