Hello Craig -
The usual way to do this is with Identifiers in the Client clauses and Handlers
to match.
Something like this:
…..
<Client 1.1.1.1>
Identifier JuniperNetscreen
Secret …..
…..
</Client>
<Client 2.2.2.2>
Identifier JuniperNetscreen
Secret …..
…..
</Client>
<Client 3.3.3.3>
Identifier JuniperNetscreen
Secret …..
…..
</Client>
…..
<Handler Client-Identifier = JuniperNetscreen>
<AuthBy …..>
…..
</AuthBy>
</Handler>
…..
hope that helps
regards
Hugh
On 24 Jun 2014, at 23:24, Craig Ayliffe <craig.ayli...@brennanit.com.au> wrote:
> Hi,
>
> I am looking for examples of Radiator configuration to restrict users logging
> into Juniper Netscreens running ScreenOS 6.3 and higher.
>
> Need to be able to specify the vsys to be Root and the privilege to be either
> ‘root’ or ‘read-only’ depending of their AuthorizeGroup configuration.
>
> Haven’t been able to find any examples anywhere.
> Would appreciate any assistance.
>
> Regards,
>
> Craig
>
> Craig Ayliffe | Brennan IT | Infrastructure Engineer
>
> T: 02 8235 3515 | M: 0410 400 546 | craig.ayli...@brennanit.com.au |
> www.brennanit.com.au
>
> <image940dd2.jpg@f917d609.b99d4a76>
> _______________________________________________
> radiator mailing list
> radiator@open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
--
Hugh Irvine
h...@open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER, SIM, etc.
Full source on Unix, Linux, Windows, MacOSX, Solaris, VMS, NetWare etc.
_______________________________________________
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator
