Restricting access to NAS via http login authentication list
Hello, Didnt really know what kind of title I should have given this one but I will try to explain what it is I am aiming for. The switches I use supports both http and https login towards the switch to administrate it. The switch has support for using an athentication towards a radius server to check if the user wanting to login to the switch is a existing user in the radius server. The problem I have is that every user in the user file in Freeradius can access the switch when im using an authentication list which checks against the radius server. Is there anyway to restrict so that only one specific user in the users file can get access to the NAS? Best regards/ Peter Carlstedt _ Hotmail: Trusted email with Microsoft’s powerful SPAM protection. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Restricting access to NAS via http login authentication list
i think that only the NAS has the power to decide it. RADIUS sends only the accounts 2010/5/19 Peter Carlstedt pc_...@hotmail.com: Hello, Didnt really know what kind of title I should have given this one but I will try to explain what it is I am aiming for. The switches I use supports both http and https login towards the switch to administrate it. The switch has support for using an athentication towards a radius server to check if the user wanting to login to the switch is a existing user in the radius server. The problem I have is that every user in the user file in Freeradius can access the switch when im using an authentication list which checks against the radius server. Is there anyway to restrict so that only one specific user in the users file can get access to the NAS? Best regards/ Peter Carlstedt Hotmail: Trusted email with Microsoft’s powerful SPAM protection. Sign up now. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Pozdrawiam! Maciej Drobniuch - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Restricting access to NAS via http login authentication list
Peter Carlstedt wrote: The problem I have is that every user in the user file in Freeradius can access the switch when im using an authentication list which checks against the radius server. Is there anyway to restrict so that only one specific user in the users file can get access to the NAS? What is different between an administrator request, and a normal user request? i.e. look at the contents of the Access-Request. Odds are that they're different. Then... if (... looks like admin) { check against admin login } else (... looks like normal user ...) { check against normal user login } Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html