Hi,
Hope you are referring to
realm freescale.com {
type = radius
authhost = LOCAL
accthost = LOCAL
present in the radiusd.conf file. removed it. Restarted the freeradius server.
The user file contains
na...@freescale.com Cleartext-Password := "navin123"
Even then when tested with radtest tool , the users "navin" &
"na...@freescale.com"
are both getting authenticated. I would prefer only
na...@freescale.com get authenticated
and user "navin" should get rejected.
have a nice day,
navin
At 07:37 PM 7/15/2009, you wrote:
> I am new to radius . hence kindly excuse if my terminologies
> are different from what is expected.
>
> I am using Freeradius Version 1.1.7.
> Is it possible to reject when a request comes from the NAS server
> with a user logging in without a realm as suffix?
>
> For example, if the FreeRadius server receives an authentication
> request for the user navin , it has to reject. but if it receives
> the request as na...@freescale.com it has to authenticate him.
>
> I tried the below options:
>
> I am not using the proxy request support.
> Hence commenting proxy.conf file and setting proxy_requests = no
> in the radiusd.conf file.
>
> Added the below in the radiusd.conf file with the intention that
> users of realm freescale.com has to be authenticated and other users
> should be rejected.
>
> realm freescale.com {
> type = radius
> authhost = LOCAL
> accthost = LOCAL
> }
Remove that. Your user file entry will sort out who gets authenticated and
who doesn't.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html