Hello, I have recently installed freeradius and set it up to use a mysql database which will store username, passwords and attributes. My current goal is to limit user access and privileges into Cisco, and other types, of routers when support personnel SSH/telnet into them. I currently have the general access working well enough but I am having problems in figuring out how to do something I thought would be simple. I am trying to determine how to have freeradius respond with different attributes for a user depending on what device he telnets into. If he is a level 1 tech and telnets into a customer router I want him to have admin rights but if he telnets into a Core router I want him to only have Cisco level 1 access. Since these are naturally different attributes the response from freeradius needs to be different depending on the routers sending the request. From reading it seems this is possible with some rules in possibly the "radcheck" table but I cannot fully grasp the concept. Can someone please give me some direct documentation or configuration examples on this issue? I seem to know just just enough to get myself in trouble so the more detailed the instructions the better. Thanks
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html