Hi ,
My cisco sends to radius it's ip address, and isakmp-group-id ( or profile name
)
Debug from radius -X :
Cisco-AVPair = "isakmp-group-id=CiscoGroup"
Acct-Session-Id = "61286"
User-Name = "domain\\user"
Cisco-AVPair = "connect-progress=No Progress"
Acct-Authentic = Local
Acct-Status-Type = Start
NAS-Port-Type = Virtual
NAS-Port = 20
NAS-IP-Address = 10.1.1.1
How should I configure freeradius to accept request for this group
(isakmp-group-id=CiscoGroup ) only for users, that are authenticated against
Auth-Type := ntlm_auth_vpn_osw ( already used and working ) ?
However other groups ( or profiles ) should be authenticated against Auth-Type
:= vpn_auth_name
I tried this settings in the Users file but It doesn't work
DEFAULT Auth-Type := ntlm_auth_vpn_osw, NAS-IP-Address == 10.1.1.1,
Cisco-AVPair == " CiscoGroup "
Service-Type = Framed-User,
Framed-Protocol = PPP,
DEFAULT Auth-Type := vpn_auth_name
Service-Type = Framed-User,
Framed-Protocol = PPP,
Thanks
pet
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
