Re: radisu help

To: debian-isp@lists.debian.org
Subject: Re: radisu help
From: Natalino Picone <npicone3@working.it>
Date: Wed, 02 Aug 2000 14:27:22 +0200
Message-id: <[🔎] 4.3.2.7.2.20000802142653.02be3758@mbox.working.it>
In-reply-to: <[🔎] 200008020247.VAA05031@mail.infinityhealthcare.com>
References: <[🔎] 002b01bffc2a$0a35fec0$8ecdffc8@nauta3>

Take a look also at www.xtradius.com which is a cistron-radius extension....

Bye
Nat


At 21.47 01/08/2000 -0500, you wrote:

> Does anyone know how can I limit the access in radius to a group of users?
> my users file is like this

First of all, I use Cistron Radius, so some of this may be native to
Cistron.

I added groups to my Debian system... email, isdn1, isdn2,
dedicate. Email-Only accounts can't get logged in. They
don't pay for dial-up access, only POP accounts. They won't
actually see the Reply-Message if the use Windows (MS doesn't
follow the PPP specs on that one...).

ISDN1 is allowed 56/64K only.
ISDN2 is allowed 2 ISDN channels.
Dedicate never gets kicked off (they pay for 24x7).

Just add the user accounts to the proper groups on Debian.

# Users in the UNIX /etc/group 'email' group can't login....

DEFAULT Group = "email", Auth-Type = Reject
        Reply-Message = "Your account is for email only"


DEFAULT Group = "isdn1", Auth-Type = System, Simultaneous-Use = 1
        Port-Limit = 1,
        Fall-Through = Yes

DEFAULT Group = "isdn2", Auth-Type = System, Simultaneous-Use = 2
        Port-Limit = 2,
        Fall-Through = Yes

DEFAULT Group = "dedicate", Auth-Type = System, Simultaneous-Use = 1
        Service-Type = Framed-User,
        Framed-Protocol = PPP,
        Framed-IP-Address = 255.255.255.254,
        Framed-IP-Netmask = 255.255.255.255,
        Framed-Compression = Van-Jacobson-TCP-IP,
        Framed-MTU = 1500,
        Fall-Through = No


# All other accounts are to be checked against the UNIX /etc/passwd.
# Accounts are limited to 1 concurrent login, 6 hour session limit, and
# a 20 minute idle timer. Also, Analog calls Only! No ISDN!


DEFAULT Auth-Type = System, Simultaneous-Use = 1
        Service-Type = Framed-User,
        Framed-Protocol = PPP,
        Framed-IP-Address = 255.255.255.254,
        Framed-IP-Netmask = 255.255.255.255,
        Framed-Compression = Van-Jacobson-TCP-IP,
        Framed-MTU = 1500,
        Session-Timeout = 21600,
        Idle-Timeout = 1200,
        Port-Limit = 0,
        Fall-Through = No


Good Luck,
Mark

======================================================================
Mark A. Bialik                                          (414) 290-6749
Network/Security Manager                          http://www.linux.org
Infinity HealthCare, Inc.               mbialik@infinityhealthcare.com
Mequon, WI USA                  Debian/GNU Linux Documentation Project
======================================================================


--
To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- radisu help
  - From: "Helber" <helber@netnauta.com.br>
- Re: radisu help
  - From: Mark Bialik <mbialik@infinityhealthcare.com>

Prev by Date: named error
Next by Date: Re: named error
Previous by thread: Re: radisu help
Next by thread: how to setup battlenet services
Index(es):
- Date
- Thread