On May 5, 5:45pm, Stuart Henderson wrote:
Subject: Re: (RADIATOR) Blocking based on Caller ID
Is their a better way?
If you can implement caller id-based filtering in the nas that
will be better as it will avoid toll calls for your users to try
to get authenticated only to find it failing. (I think many
people would just try again, and again, if it comes back saying
'bad password' or similar).
That sounds like good advice.
If Brian did want to implement in Radiator, its probably best to use Handlers
rather than Realms. By checking a combination of NAS-IP-Address and
Calling-Station-Id, you should be able to discriminate between the ones you are
prepared to handle
Handler NAS-Ip-Address=10.11.12.13,Calling-Station-Id=/^403/
# This will handle calls into that NAS from numbers that start with 403
/Handler
Handler NAS-Ip-Address=11.11.12.13,Calling-Station-Id=/^201/
# This will handle calls into that NAS from numbers that start with 201
/Handler
Handler
# This will handle all the "illegal" combinations.
# without an AuthBy it will always reject
/Handler
Hope that helps.
Cheers.
--
Mike McCauley [EMAIL PROTECTED]
Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody
===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.