Date: Wed, 2 Aug 2000 18:41:19 +0200 From: "Dave Wilson" <davew@sai.co.za> To: <freebsd-isp@FreeBSD.ORG> Subject: USR radius filter attributes for email only clients Message-ID: <01f601bffca0$7e432600$112821c4@sai.co.za>
next in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format.
------=_NextPart_000_01F3_01BFFCB1.3F738710
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Hi Guys, howzit going?
I'm trying to limit our dial-up users to only accessing our mailserver =
and no other hosts.
I'm using Cistron radiusd to authenticate users dialing in to a USR =
Total Control Rack and have specified the following in my "users" file:
username Auth-Type =3D System
Service-Type =3D Framed-User,
Framed-MTU =3D 1500,
Framed-Filter-Id =3D "mailonly",
Fall-Through =3D Yes
With regards to the "Framed-Filter-Id =3D "mailonly"" line I have read =
that a file must exist in the same folder as the "users" file, with a =
name "mailonly".
So in the "mailonly" file I have put the following:
USR-PW_USR_OFilter_IP =3D "mymailserverIP"
USR-PW_USR_IFilter_IP =3D "mymailserverIP"
What happens is that the user dials in authenticates and then is =
disconnected about 2 seconds afterwards.
I have looked at the radius logs and it says "login OK"
Has anyone else out there set up IP filtering with a USR Total Control =
Rack, running Cistron radiusd or any other radiusd ?
Please help if you can, I can't seem to find any documentation anywhere =
on IP filtering with USR radius attributes.
Thanks. ;-)
Regards
Dave Wilson
The S.A. Internet
(033) 3456777
0825496159
http://www.sai.co.za
"Who is General Failure and why is he reading my hard drive ?"
------=_NextPart_000_01F3_01BFFCB1.3F738710
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 5.50.4134.600" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3D"Comic Sans MS" size=3D2>Hi Guys, howzit =
going?</FONT></DIV>
<DIV><FONT face=3D"Comic Sans MS" size=3D2></FONT> </DIV>
<DIV><FONT face=3D"Comic Sans MS" size=3D2>I'm trying to limit our =
dial-up users to=20
only accessing our mailserver and no other hosts.</FONT></DIV>
<DIV><FONT face=3D"Comic Sans MS" size=3D2>I'm using Cistron radiusd to =
authenticate=20
users dialing in to a USR Total Control Rack and have specified the =
following in=20
my "users" file:</FONT></DIV>
<DIV><FONT face=3D"Comic Sans MS" size=3D2><FONT face=3D"Comic Sans MS"=20
size=3D2></FONT></FONT> </DIV>
<DIV><FONT face=3D"Comic Sans MS" size=3D2><FONT face=3D"Times New =
Roman"=20
size=3D3>username Auth-Type =3D=20
System<BR> &nb=
sp; =20
Service-Type =3D=20
Framed-User,<BR> &nb=
sp; =20
Framed-MTU =3D=20
1500,<BR> &nbs=
p; =20
Framed-Filter-Id =3D=20
"mailonly",<BR> &nbs=
p; =20
Fall-Through =3D Yes</FONT><BR></DIV></FONT>
<DIV><FONT face=3D"Comic Sans MS" size=3D2>With regards to the <FONT=20
face=3D"Times New Roman" size=3D3>"Framed-Filter-Id =3D =
"mailonly"" line I have=20
read that a file must exist in the same folder as the "users" file, with =
a name=20
"mailonly".</FONT></FONT></DIV>
<DIV>So in the "mailonly" file I have put the following:</DIV>
<DIV><FONT face=3D"Comic Sans MS" size=3D2></FONT> </DIV>
<DIV>USR-PW_USR_OFilter_IP =3D "mymailserverIP"<BR>USR-PW_USR_IFilter_IP =
=3D=20
"mymailserverIP"<BR></DIV>
<DIV><FONT face=3D"Comic Sans MS" size=3D2>What happens is that the user =
dials in=20
authenticates and then is disconnected about 2 seconds =
afterwards.</FONT></DIV>
<DIV><FONT face=3D"Comic Sans MS" size=3D2>I have looked at the radius =
logs and it=20
says "login OK"</FONT></DIV>
<DIV><FONT face=3D"Comic Sans MS" size=3D2></FONT> </DIV>
<DIV><FONT face=3D"Comic Sans MS" size=3D2>Has anyone else out there set =
up IP=20
filtering with a USR Total Control Rack, running Cistron radiusd or any =
other=20
radiusd ?</FONT></DIV>
<DIV><FONT face=3D"Comic Sans MS" size=3D2></FONT> </DIV>
<DIV><FONT face=3D"Comic Sans MS" size=3D2>Please help if you can, I =
can't seem to=20
find any documentation anywhere on IP filtering with USR radius=20
attributes.</FONT></DIV>
<DIV><FONT face=3D"Comic Sans MS" size=3D2>Thanks. =
;-)</FONT></DIV>
<DIV><FONT face=3D"Comic Sans MS" size=3D2></FONT> </DIV>
<DIV><FONT face=3D"Comic Sans MS" size=3D2></FONT><BR></DIV>
<DIV><FONT face=3D"Comic Sans MS" size=3D2>Regards<BR>Dave Wilson<BR>The =
S.A.=20
Internet<BR>(033) 3456777<BR>0825496159<BR><A=20
href=3D"http://www.sai.co.za">http://www.sai.co.za</A><BR> "Who is =
General=20
Failure and why is he reading my hard drive =
?"<BR></DIV></FONT></BODY></HTML>
------=_NextPart_000_01F3_01BFFCB1.3F738710--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01f601bffca0$7e432600$112821c4>