we are using two different NAS: NAS-A and NAS-B. The NAS use Radius to query privacyidea and send their addresses in the NAS-IP-Address field.
User-Group-1 should be allowed to connect to both NAS, User-Group-2 should only be allowed to connect to NAS-A.
Does the freeradius-plugin pass the NAS-IP-Address to privacyidea? Can privacyidea process the authentication / authorization decision based on this scenario. Which kind of policy would I have to configure?
Thanks a lot and best wishes