How to describe Huntgroup Setting?

Masaru Yoshihama Thu, 24 Feb 2005 00:10:19 -0800

Hi all.

I have Trouble with Huntgroup Setting and report this ML few month ago. 
It probles can't solve yet, So I Try to test with new FreeRadius 1.0.2
and Report again with very simple construction.


Of cousce, I already setup radiusd.conf/clients.conf and another necessary
configuration. But Important configuration file What i confuseing is only
"huntgroup" and "users"files.


lcl3# more huntgroups
----------------------------------------------
class1          NAS-IP-Address == 127.0.0.1
class1          NAS-IP-Address == 192.168.1.1
class2          NAS-IP-Address == 127.0.0.1
class2          NAS-IP-Address == 192.168.1.1
---------------------------------------------

lcl3# more users
-------------------------------------------------------------------------------
test1   Auth-Type := Local, User-Password == "pass1",Huntgroup-Name == "class1"
        Framed-Protocol = PPP,
        Framed-MTU = 1500,
        Fall-Through = 0

test2   Auth-Type := Local, User-Password == "pass2",Huntgroup-Name == "class2"
        Framed-Protocol = PPP,
        Framed-MTU = 1500,
        Fall-Through = 0
------------------------------------------------------------------------------

In this case, Each user must be authenticated with each username/password from
huntgroup NAS-IP-Address. But, Only user "test1" can authenticate normally.


#Test1: Auth with "test1" user. it act suitably.

/usr/local/bin/radtest test1 pass1 localhost 0 testing123 ppp 127.0.0.1
------------------------------------------------------------------------------
(debug mode "radiusd -X" log)
rad_recv: Access-Request packet from host 127.0.0.1:54859, id=105, length=63
        User-Name = "test1"
        User-Password = "pass1"
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 0
        Framed-Protocol = PPP
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok for request 0
  modcall[authorize]: module "attr_filter" returns noop for request 0
    rlm_realm: No '@' in User-Name = "test1", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 0
  modcall[authorize]: module "chap" returns noop for request 0
  modcall[authorize]: module "mschap" returns noop for request 0
    users: Matched entry test1 at line 5
  modcall[authorize]: module "files" returns ok for request 0
modcall: group authorize returns ok for request 0
  rad_check_password:  Found Auth-Type Local
auth: type Local
auth: user supplied User-Password matches local User-Password
Sending Access-Accept of id 105 to 127.0.0.1:54859
        Framed-Protocol = PPP
        Framed-MTU = 1500
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...

------------------------------------------------------------------------------------

#Test2: Auth with "test2" user. Why Only Huntgroup Setting cause authenticate 
error?
>auth: No authenticate method (Auth-Type) configuration found for the request: 
>Rejecting the user


/usr/local/bin/radtest test2 pass2 localhost 0 testing123 ppp 127.0.0.1
----------------------------------------------------------------------------------
(debug mode log)

rad_recv: Access-Request packet from host 127.0.0.1:52535, id=126, length=63
        User-Name = "test2"
        User-Password = "pass2"
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 0
        Framed-Protocol = PPP
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
  modcall[authorize]: module "preprocess" returns ok for request 1
  modcall[authorize]: module "attr_filter" returns noop for request 1
    rlm_realm: No '@' in User-Name = "test2", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 1
  modcall[authorize]: module "chap" returns noop for request 1
  modcall[authorize]: module "mschap" returns noop for request 1
  modcall[authorize]: module "files" returns notfound for request 1
modcall: group authorize returns ok for request 1
auth: No authenticate method (Auth-Type) configuration found for the request: 
Rejecting the user
auth: Failed to validate the user.
Delaying request 1 for 1 seconds
Finished request 1
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 126 to 127.0.0.1:52535
Waking up in 4 seconds...
--- Walking the entire request list ---

------------------------------------------------------------------------------------

#Test3: Auth "user=test2" with Huntgroup-Name="class1"
it act suitably again.

## If I change test2 Huntgroup Setting, it will be process normally.
------------------------------------------------------------------------------
test2   Auth-Type := Local, User-Password == "pass2",Huntgroup-Name == "class1"
        Framed-Protocol = PPP,                                          ^^^^^^^
        Framed-MTU = 1500,
        Fall-Through = 0
------------------------------------------------------------------------------

User: test2 
/usr/local/bin/radtest test2 pass2 localhost 0 testing123 ppp 127.0.0.1
----------------------------------------------------------------------------------
(debug mode "radiusd -X" log)
rad_recv: Access-Request packet from host 127.0.0.1:64323, id=137, length=63
        User-Name = "test2"
        User-Password = "pass2"
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 0
        Framed-Protocol = PPP
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok for request 0
  modcall[authorize]: module "attr_filter" returns noop for request 0
    rlm_realm: No '@' in User-Name = "test2", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 0
  modcall[authorize]: module "chap" returns noop for request 0
  modcall[authorize]: module "mschap" returns noop for request 0
    users: Matched entry test2 at line 10
  modcall[authorize]: module "files" returns ok for request 0
modcall: group authorize returns ok for request 0
  rad_check_password:  Found Auth-Type Local
auth: type Local
auth: user supplied User-Password matches local User-Password
Sending Access-Accept of id 137 to 127.0.0.1:64323
        Framed-Protocol = PPP
        Framed-MTU = 1500
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 137 with timestamp 421d82ea
Nothing to do.  Sleeping until we see a request.
==========================================================================

I test with FreeBSD5.3 and (Old)RedHatLinux. Any hints?

Thanks.

-- 
----------------------------------------
Masaru Yoshihama
Email: [EMAIL PROTECTED]

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

How to describe Huntgroup Setting?

Reply via email to