請問下 radius+pptpd+mysql 認證的vpn 如何限制某用戶組只能從某個nas撥入
對應的 radius 屬性是什麼, 謝拉
《解決方案》
NAS-IP-Address在radcheck里設置一下就行了
《解決方案》
多謝了, 再問下操作符用什麼啊?
《解決方案》
radgroupcheck 表
+----+-----------+------------------+-------------+----+
| id | groupname | attribute | Value | op |
+----+-----------+------------------+-------------+----+
| 7 | golden | Simultaneous-Use | 1 | := |
| 11 | golden | NAS-IP-Address | 203.77.15.1 | == |
+----+-----------+------------------+-------------+----+
rad_recv: Accounting-Request packet from host 203.77.15.12 port 32904, id=250, length=158
User-Name = "david"
NAS-IP-Address = 203.77.15.12
NAS-Port = 5
Service-Type = Dialout-Framed-User
Framed-Protocol = PPP
Framed-IP-Address = 192.168.3.6
Calling-Station-Id = "202.37.33.1"
NAS-Identifier = "OpenVpn"
Acct-Status-Type = Stop
Acct-Input-Octets = 2772
Acct-Output-Octets = 5473
Acct-Session-Id = "DC5EC69B045500B5AAB21A70569C4724"
Acct-Session-Time = 9
Acct-Input-Gigawords = 0
Acct-Output-Gigawords = 0
NAS-Port-Type = Virtual
這樣在 radgroupcheck 表裡面設置了,用戶還是可以從 非 radgroupcheck 表裡的nas 撥進來
[ 本帖最後由 koogame 於 2008-3-28 14:12 編輯 ]