I’ve been playing around with my lab this morning trying to get this to work, and no matter what I tried, it didn’t work, and finally I noticed something. I don’t know what your devices are that are sending authentication requests to the PI server, but in my set up, I use PAM on Linux servers. PAM, using Python, sends the authentication requests to the PI server. But the PI server does not see the user’s IP address, it sees the “client” as being the server sending the request.
So, if the flow is User(192.168.0.5) connects to a file server (192.168.0.100), the file server sends the request to the PI server (192.168.0.200). If you look in the AUdit log, you’ll see that the “client” is 192.168.0.100, not 192.168.0.5 Point being, the PI server doesn’t see the network the user is coming in from.
So, back to my original conclusion, unless your authentication method works differently than PAM (it might), then the only way you can send the requests to different places is to do a check on the server that sends the authentication request (192.168.0.100 in this example), not check on the PI server before processing.
cornelinux is by far the expert here, so maybe he knows of a way, but based on my limited experience with it over the past 6 months, I don’t see how to do it on the PI server itself.