Hi,
I need to separate the users in the machines that they have access to, i read about the huntgroups file, but is not working, it seems that the radius is not checking the huntgroup file to give the access.
I have a freeradius on a Redhat machine, running with the MySQL database for the users and groups information. I have the information on the radcheck, the radgroupcheck, and the radgroup repply tables, all the connections and the authentication works ok, the problem is that the users have access to all of the machines, even the ones that they shouldn´t.
This is what i have in my radgroup reply table..
GroupName Attribute op Value
test Cisco-AVPair = shell:cmd*
test Cisco-AVPair = shell:priv-lvl=15
test Service-Type = Shell-User
test Huntgroup-Name = name
the hunt group is like this.
#name huntgroup
name NAS-IP-Address == 10.0.2.244
name NAS-IP-Address == 10.0.2.246
name NAS-IP-Address == 10.0.2.248
Group = test
It suppose that the user with that huntgroup name in their attribute should only be able to connect to those IP addresess.. or that´s what i expect.. ;)
Thank you.. in advance..
Carlos
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html