Thank you phill, that's great help, but it still doesn't work as it
should.
Now I don't know how should I adjust the users file : )
I used
if ((NAS-IP-Address == 1.1.1.1) && "%{mschap:NT-Domain}" =
"vipdomainuser")) {
update control {
Auth-Type := ntlm_auth_vip
}
update reply {
Cisco-AVPair += "ipsec:addr-pool=vip_vpn_pool"
}
}
And in the user file is:
DEFAULT Auth-Type := ntlm_auth_vpn_osw
Service-Type = Framed-User,
Framed-Protocol = PPP,
With this it's working as it should , however if request comes from the
different NT-Domain then "vipdomainuser" it's blocked ( according the
ntlm_auth_vip ), and it doesn't go to another DEFAULT rule where
everybody can pass.
I trid also Fall-through parameter, it didn't work as well,
I'm sorry that I'm bothering again ( Alan tried to explain me many times
), but I was using MS IAS many years, and my concepts come from this
system
Thank you
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
