Date: Wed, 2 Aug 2000 18:41:19 +0200 From: "Dave Wilson" <davew@sai.co.za> To: <freebsd-isp@FreeBSD.ORG> Subject: USR radius filter attributes for email only clients Message-ID: <01f601bffca0$7e432600$112821c4@sai.co.za>
next in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. ------=_NextPart_000_01F3_01BFFCB1.3F738710 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Hi Guys, howzit going? I'm trying to limit our dial-up users to only accessing our mailserver = and no other hosts. I'm using Cistron radiusd to authenticate users dialing in to a USR = Total Control Rack and have specified the following in my "users" file: username Auth-Type =3D System Service-Type =3D Framed-User, Framed-MTU =3D 1500, Framed-Filter-Id =3D "mailonly", Fall-Through =3D Yes With regards to the "Framed-Filter-Id =3D "mailonly"" line I have read = that a file must exist in the same folder as the "users" file, with a = name "mailonly". So in the "mailonly" file I have put the following: USR-PW_USR_OFilter_IP =3D "mymailserverIP" USR-PW_USR_IFilter_IP =3D "mymailserverIP" What happens is that the user dials in authenticates and then is = disconnected about 2 seconds afterwards. I have looked at the radius logs and it says "login OK" Has anyone else out there set up IP filtering with a USR Total Control = Rack, running Cistron radiusd or any other radiusd ? Please help if you can, I can't seem to find any documentation anywhere = on IP filtering with USR radius attributes. Thanks. ;-) Regards Dave Wilson The S.A. Internet (033) 3456777 0825496159 http://www.sai.co.za "Who is General Failure and why is he reading my hard drive ?" ------=_NextPart_000_01F3_01BFFCB1.3F738710 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=3DContent-Type content=3D"text/html; = charset=3Diso-8859-1"> <META content=3D"MSHTML 5.50.4134.600" name=3DGENERATOR> <STYLE></STYLE> </HEAD> <BODY bgColor=3D#ffffff> <DIV><FONT face=3D"Comic Sans MS" size=3D2>Hi Guys, howzit = going?</FONT></DIV> <DIV><FONT face=3D"Comic Sans MS" size=3D2></FONT> </DIV> <DIV><FONT face=3D"Comic Sans MS" size=3D2>I'm trying to limit our = dial-up users to=20 only accessing our mailserver and no other hosts.</FONT></DIV> <DIV><FONT face=3D"Comic Sans MS" size=3D2>I'm using Cistron radiusd to = authenticate=20 users dialing in to a USR Total Control Rack and have specified the = following in=20 my "users" file:</FONT></DIV> <DIV><FONT face=3D"Comic Sans MS" size=3D2><FONT face=3D"Comic Sans MS"=20 size=3D2></FONT></FONT> </DIV> <DIV><FONT face=3D"Comic Sans MS" size=3D2><FONT face=3D"Times New = Roman"=20 size=3D3>username Auth-Type =3D=20 System<BR> &nb= sp; =20 Service-Type =3D=20 Framed-User,<BR> &nb= sp; =20 Framed-MTU =3D=20 1500,<BR> &nbs= p; =20 Framed-Filter-Id =3D=20 "mailonly",<BR> &nbs= p; =20 Fall-Through =3D Yes</FONT><BR></DIV></FONT> <DIV><FONT face=3D"Comic Sans MS" size=3D2>With regards to the <FONT=20 face=3D"Times New Roman" size=3D3>"Framed-Filter-Id =3D = "mailonly"" line I have=20 read that a file must exist in the same folder as the "users" file, with = a name=20 "mailonly".</FONT></FONT></DIV> <DIV>So in the "mailonly" file I have put the following:</DIV> <DIV><FONT face=3D"Comic Sans MS" size=3D2></FONT> </DIV> <DIV>USR-PW_USR_OFilter_IP =3D "mymailserverIP"<BR>USR-PW_USR_IFilter_IP = =3D=20 "mymailserverIP"<BR></DIV> <DIV><FONT face=3D"Comic Sans MS" size=3D2>What happens is that the user = dials in=20 authenticates and then is disconnected about 2 seconds = afterwards.</FONT></DIV> <DIV><FONT face=3D"Comic Sans MS" size=3D2>I have looked at the radius = logs and it=20 says "login OK"</FONT></DIV> <DIV><FONT face=3D"Comic Sans MS" size=3D2></FONT> </DIV> <DIV><FONT face=3D"Comic Sans MS" size=3D2>Has anyone else out there set = up IP=20 filtering with a USR Total Control Rack, running Cistron radiusd or any = other=20 radiusd ?</FONT></DIV> <DIV><FONT face=3D"Comic Sans MS" size=3D2></FONT> </DIV> <DIV><FONT face=3D"Comic Sans MS" size=3D2>Please help if you can, I = can't seem to=20 find any documentation anywhere on IP filtering with USR radius=20 attributes.</FONT></DIV> <DIV><FONT face=3D"Comic Sans MS" size=3D2>Thanks. = ;-)</FONT></DIV> <DIV><FONT face=3D"Comic Sans MS" size=3D2></FONT> </DIV> <DIV><FONT face=3D"Comic Sans MS" size=3D2></FONT><BR></DIV> <DIV><FONT face=3D"Comic Sans MS" size=3D2>Regards<BR>Dave Wilson<BR>The = S.A.=20 Internet<BR>(033) 3456777<BR>0825496159<BR><A=20 href=3D"http://www.sai.co.za">http://www.sai.co.za</A><BR> "Who is = General=20 Failure and why is he reading my hard drive = ?"<BR></DIV></FONT></BODY></HTML> ------=_NextPart_000_01F3_01BFFCB1.3F738710-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01f601bffca0$7e432600$112821c4>