> We're running radius on a linux server (runs great - please no flames!).
> Presently we're using the default 'UNIX' user to have radius authenticate
> against the /etc/passwd file. Is there a clever way to add someone to the
> radius USER file such that they would be denied dial-up PPP access thru the
> PM but still have a valid userid/password in /etc/passwd? I'd like to have
> it so that if they tried to dial in they would get some sort of 'access
> denied' message.
>
I do this for my "ether only" accounts. I have all the dialin users in
the radius database. If I dont want them to dial in I just remove thier
radius entry. they can still telnet in, but no dialup.
However, it means that you have to have a radius entry for each account
and no "default".
\\|// ^^^^^ )))(( %%%%% ,,,,,
(- -) (o o) (- o) (0-0) (* *)
+--ooO-(_)-Ooo--oo0-(_)-0oo--ooO-(_)-Ooo--oo0-(_)-0oo--ooO-(_)-Ooo--+
| NETWORK OPERATIONS CENTER |
| mailto:support@friendly.jeffnet.org Voice # 800-876-8797 |
| http://jeffnet.org/linuxisp 541-776-3283 |
| Mike Taylor - Network Services Manager |
+-------------------------------------------------------------------+