Restrict IPs by username
Posted: Sat Nov 21, 2015 2:09 am
Would it be possible in any way to control what IPs an user accesses?
I have a private network 10.22.0.0/16 and i have 1000 users on a freeradius auth.
For security, i require a solution to whitelist certain IPs for each user.
As the ips are rather random and can be changed from user to user, i need a flexible solution, that can be updated fast.
For example, i require user1 to access 10.22.0.1 and 10.22.0.3 and 10.22.22.5 and only these IPs.
And user2 to access 10.22.0.2, 10.22.22.15 and only these IPs
The only solution i've thought of so far is to assign static IP to each user and then allow/disallow via iptables. But doesn't seem a very good solution to me.
Do you have any better solutions?
Thank you
I have a private network 10.22.0.0/16 and i have 1000 users on a freeradius auth.
For security, i require a solution to whitelist certain IPs for each user.
As the ips are rather random and can be changed from user to user, i need a flexible solution, that can be updated fast.
For example, i require user1 to access 10.22.0.1 and 10.22.0.3 and 10.22.22.5 and only these IPs.
And user2 to access 10.22.0.2, 10.22.22.15 and only these IPs
The only solution i've thought of so far is to assign static IP to each user and then allow/disallow via iptables. But doesn't seem a very good solution to me.
Do you have any better solutions?
Thank you