Jevos, Peter wrote: > How can I skip to the second DEFAULT if the first DEFAULT doesn’t pass ?
Use the "Fall-Through" attribute. See comments in the default "users" file. > So if request comes from the 10.1.1.2 and user doesn’t pass through > authentication, it should be forwarded to another DEFAULT ( with the > vpn_auth_name authentication). That is *completely* different from the previous question, and much more difficult. The "users" file is only processed once, at the "authorize" stage. You're asking for something else to happen if authentication fails. i.e. when the "users" is no longer being processed. A much better choice is to set the authentication type only once. i.e. "if the user is in group X, do ntlm_auth. Otherwise, vpn_auth" Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
