Henrik Nordstrom wrote:
yep this sound interesting "external acl" , to query our radius "ras" , I hope this will sort lot of problem "invalid requests"On Tue, 5 Apr 2005, Matus UHLAR - fantomas wrote:
Blocking via ACL is not possible beacouse these are dialup user getting different IP when they reconnect.
well, can you find out from radius logs (or whatever auth system do you
use), which user causes that? If you provide them proxy functionality, you
should be able to do that.
You should even be able to automate it with an external acl helper querying your dialup aaa system about who the current user is, allowing you to block per dialup user name.
Regards Henrik
Thanks and regards
Askar
