I am currently running RADIUS under AIX (the AIX version of RADIUS) and having a problem.
It appears that the AIX RADIUS cannot be configured to work around this problem. I was wondering if switching to FreeRADIUS would help? The problem is this: Users are authenticating from systems that they should not be authenticating from - we need to block authentication on a per system (IP address) basis, not a per user basis. Users should be allowed to authenticate from any system that they are using _except_ a certain, specific list of IP addresses which would basically be banned/blocked from authenticating. Is this something that FreeRADIUS can do? I just started reading about it - and if nothing else it looks like exec-program-wait might be used to test the IP address and return an authentication failure?
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
