This is how I did it using LDAP. http://lists.freeradius.org/mailman/htdig/freeradius-users/2009-November/msg00001.html
I would recommend using LDAP over MySQL, as normally you would have a Corporate LDAP directory (Active Directory, or eDirectory or similar) and managing access to your Radius system from Groups based in the LDAP is a little easier than messing around with your MySQL database. But that's just me. On Fri, Feb 5, 2010 at 12:45 PM, Matt Hite <li...@beatmixed.com> wrote: > Hello -- > > I am running freeradius2-2.1.7 with MySQL as the backend datastore. > > I've got a deployment up and running supporting the admin login to > about 200 switches from a single vendor. I'm looking to expand my > deployment and thus some new requirements have surfaced. > > Requirements: > > - Different brands of gear should get different VSAs and/or general > attributes returned in Access-Accept messages. For example, if I log > in from a Cisco device, I should get a different RADIUS attribute sent > back than when logging in from a F5 or a NetScreen. > > - Some users can log into certain groups of devices, others should not > be able to > > I'm fairly certain the #2 requirement will require the user of > huntgroups. Does anyone have any idea how to accomplish requirement > #1? > > Thanks for your help in pointing me in the right direction. > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html