Make sure that filter access is enabled for all modem-groups, make sure that you have this filter named as filter.fil.in and also that you have a filter called filter.fil.out (empty dummy filter is good). This is needed for the filter to work. -V On Mon, 10 Jul 2000, Scott Bailey wrote:
Hi,
I am having trouble configuring and assighning filters dynamicly with radius on the Hiper Arcs. This is what I have.
On the Hiper Arc:
filter.fil
#filter IP:
005 AND src-addr = 0.0.0.0/0; 010 ACCEPT dst-addr = 216.32.74.50; 015 AND dst-addr = 0.0.0.0/0; 020 REJECT tcp-dst-port = 80; 025 AND dst-addr = 0.0.0.0/0; 030 REJECT tcp-dst-port = 443; 035 AND dst-addr = 0.0.0.0/0; 040 REJECT tcp-dst-port = 119; 045 AND dst-addr = 0.0.0.0/0; 050 REJECT tcp-dst-port = 6667; 055 AND dst-addr = 0.0.0.0/0; 060 REJECT udp-dst-port = 6667; 070 DENY;
In Radius:
Filter_ID=filter.fil,
Show session (user ID) indicates that the Filter_ID radius attribute was picked up by the NAS. However, it does not block any of the ports defined in the filter. Do I need to configur something else?
Thanks in advance for any help.
-- Scott Bailey Systems Administrator Epix Internet Services scott@epix.net 570-631-1317
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.
- To unsubscribe to usr-tc, send an email to "majordomo@xmission.com" with "unsubscribe usr-tc" in the body of the message. For information on digests or retrieving files and old messages send "help" to the same address. Do not use quotes in your message.