Auth-Type = Reject not working

CertaintyTech - Ed Henderson ed.henderson@certainty.net
Wed, 26 Sep 2001 13:53:02 -0400 

Create an entry for each one in the users file.  I know this is a pain
but its the only way that I could come up with.  Perhaps other more
experienced radius users can shed some light.

---
Ed.

> -----Original Message-----
> From: cistron-radius-admin@lists.cistron.nl
> [mailto:cistron-radius-admin@lists.cistron.nl]On Behalf Of Steve Buza
> Sent: Wednesday, September 26, 2001 1:25 PM
> To: cistron-radius@lists.cistron.nl
> Subject: RE: Auth-Type =3D Reject not working
>=20
>=20
> Ed,
>=20
> I understand the logic, but...
>=20
> Does this mean that I cannot use Auth-Type =3D System if
> I want to specifically reject accounts with the Users
> file?
>=20
> Without Auth-Type =3D System how do the remainder of my
> system accounts authenticate?
>=20
> Steve
>=20
> > -----Original Message-----
> > From: cistron-radius-admin@lists.cistron.nl
> > [mailto:cistron-radius-admin@lists.cistron.nl]On Behalf Of=20
> > CertaintyTech
> > - Ed Henderson
> > Sent: Wednesday, September 26, 2001 12:09 PM
> > To: cistron-radius@lists.cistron.nl
> > Subject: RE: Auth-Type =3D Reject not working
> >=20
> >=20
> > Remove the "Auth-Type =3D System" from the first DEFAULT entry.=20
> >  What happens
> > is that the radius user1 is rejected by the "Auth-Type =3D=20
> > Reject" but will be
> > allowed in because of the DEFAULT entry which permits all=20
> > system users. =20
> > So radius user1 is rejected but system user1 is accepted. =20
> > Understand? =20
> > I made the same mistake at first. =20
> >=20
> > ---
> > Ed.
> >=20
> > > -----Original Message-----
> > > From: cistron-radius-admin@lists.cistron.nl
> > > [mailto:cistron-radius-admin@lists.cistron.nl]On Behalf Of=20
> > Steve Buza
> > > Sent: Wednesday, September 26, 2001 11:29 AM
> > > To: cistron-radius@lists.cistron.nl
> > > Subject: Auth-Type =3D Reject not working
> > >=20
> > >=20
> > > Hi,
> > >=20
> > > This is my sample users file.  When I log in as user1, I=20
> > > authenticate.  I
> > > don't want to be able to authenticate with user1 because it=20
> > > is an ftp-only
> > > account.  Also, do I have user2 set right for Simultaneous-Use?
> > >=20
> > > What am I doing wrong here?
> > >=20
> > > Thanks,
> > >=20
> > > Steve
> > >=20
> > > -------------------------------------------------------------
> > >=20
> > > user1   Auth-Type =3D Reject
> > >         Reply-Message =3D "user1 is an FTP-Only account"
> > >=20
> > > user2   Simultaneous-Use =3D 4
> > >         Fall-Through =3D 1
> > >=20
> > > DEFAULT Auth-Type =3D System, Simultaneous-Use =3D 1
> > >         Fall-Through =3D 1
> > >=20
> > > DEFAULT Service-Type =3D Framed-User, Framed-Protocol =3D PPP
> > >         Framed-IP-Address =3D 255.255.255.254,
> > >         Framed-MTU =3D 576,
> > >         Session-Timeout =3D 21600,
> > >         Service-Type =3D Framed-User,
> > >         Framed-Protocol =3D PPP,
> > >         Framed-Compression =3D Van-Jacobson-TCP-IP,
> > >=20
> > > ------------------------------------------------------------
> > >=20
> > >=20
> > > -=20
> > > List info/subscribe/unsubscribe? See=20
> > http://www.radius.cistron.nl/list/
> >=20
> >=20
> > -=20
> > List info/subscribe/unsubscribe? See=20
> > http://www.radius.cistron.nl/list/
> >=20
>=20
> -=20
> List info/subscribe/unsubscribe? See=20
http://www.radius.cistron.nl/list/