I've ported all my freeradius user files/info to mysql. I have a groups setup with a few users in each. However, when I attempt to login to the VPN freeradius debug shows the proxy to the SBR server. SBR returns an access-accept message and the user is logged into the VPN. Uh oh - the user I attempted to login with was not listed in radcheck or usergroup. What do I need to do to have freeradius reject the auth request (even if the proxied SBR reponse was access-accept) if the user isn't part of a 'VPN' group?
--- Alan DeKok <[EMAIL PROTECTED]> wrote: > Josh <[EMAIL PROTECTED]> wrote: > > I'm actually running Funk (Juniper) Steel-Belted > > Radius on the windows box. I'm working out issues > > with the user profiles on that box... I was > hoping to > > let freeradius take care of who had access to > proxy > > (if possible). > > "man rlm_passwd" > > Put the users into a group, and for people not in > the "VPN" group, > disallow them access to the VPN. > > Alan DeKok. > -- > http://deployingradius.com - The web site of > the book > http://deployingradius.com/blog/ - The blog > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html