Hi folks,
I am configuring my Radiator systems (2.16.1) with many realms as i have
different "business units" i want to authenticate from the same
database. (Oracle). (I also have many different <Client> clauses,
whereby i want certain realms logging in from a certain place, to only
have successfull access, bearing in mind all NASs are registered
<Client>'s and i want to avoid someone hopping onto another network
using their login to access other networks they may not be supposed to).
I am using usernames of [EMAIL PROTECTED] and i have handlers
configured to authenticate the user when a 'hit' occurs on one of my
handler statements.
I would like the added security of dictating which NAS the user connects
from before i will give an Access-Accept response, otherwise generate an
Access-Reject.
I've got "NAS-IP-Address = 1.2.3.4" in my <Handler >, which i havent
tested yet, but i assume will do what i want.
What i am wondering is, would i have to do this if i have 50 NASs, all
in the Handler line?
Looking through the docs there is the Identifier keyword, but that says
it's not supported in the standard Radiator code, only in hooks, so i
cant 'group' them and refer to them by a keyword.
I guess this begs the question, if i can have multiline Handlers, and if
so, what would be the correct syntax for them?
Commas/Newline and/or backslashes?
Also, out of curiosity, how would i specify a wildcard in a handler
statement? Does it have the smarts to parse a network/bitmask? (or a
derivative thereof)
Thanks in advance,
Chris.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
