Hi all. I need that: - system group A access only switch 1.1.1.1 and 1.1.1.2 - system group B access only switch 2.1.1.1 and 2.1.1.2
I created local group of users A and B and associated users /etc/raddb/clients.conf client 1.1.1.1 { secret = "xxx" shortname = switch nastype = cisco } client 1.1.1.2 { secret = "xxx" shortname = switch nastype = cisco } client 2.1.1.1 { secret = "xxx" shortname = switch nastype = cisco } client 2.1.1.2 { secret = "xxx" shortname = switch nastype = cisco } /etc/raddb/users DEFAULT Group == "A", Auth-Type := PAM Service-Type = NAS-Prompt-User, cisco-avpair = "shell:priv-lvl=15" DEFAULT Group == "B", Auth-Type := PAM Service-Type = NAS-Prompt-User, cisco-avpair = "shell:priv-lvl=15" DEFAULT Auth-Type := Reject How can i modify my configurations to let only A users to access switch 1.1.1.1/2 and B users access switch 2.1.1.1/2 ? Thanks. =
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html