Hello John/All
I'm moving from free-radius 1.1.7 to 2.1.1. In the old setup I was using the huntgroup file to tag a NAS and based on the IP address of that NAS assign it a huntgroup. Then, in the users file, I would send the huntgroup particular attributes. The Users file would look like this: DEFAULT Huntgroup-Name == "Test_Group" Authentication-Type = Accept, (*** this line no longer works in 2.1.1. It errors out with Invalid Octet string "Accept" for attribute name "Authentication-Type") Tunnel-Medium-Type = IP, Tunnel-Type = L2TP, etc.. In Freeradius 2.1.1 I've implemented the huntgroup table in the backend which works well (using mysql and the guide provided below by John.) I need to know how can I send the attributes above to the NAS based on the sql huntgroup match which I get back from the SQL query? I've tried to add a group in the radgroupreply table that sends back all necessary attributes however that did not work as the huntgroup was not being checked against the radgroupreply table. I can currently achieve what I need by enabling the users file (with the DEFAULT Entries in it) to be read in the preprocess module however I was hoping to keep all this in mysql. Running radiusd -X I can see that the huntgroup is identified correctly and I get a ++ [request] returns ok from it however I'm not sure how to send it the above attributes from sql instead of the users flatfile. Any help is appreciated, Adrian From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Dennis Sent: Tuesday, November 11, 2008 9:43 AM To: FreeRadius users mailing list Subject: Re: Restricting user to specific NAS Port Sean Preston wrote: Hi 2008/11/11 <mailto:[EMAIL PROTECTED]> <[EMAIL PROTECTED]>: I need to restrict a specifc user to say 2 specific NAS ports and then define a different account to some different specific NAS ports. Currently as long as an account is only ever going to use one NAS port I can restrict it by adding the entry to the radcheck table. So for example if I have 10 users, I have 10 entries with the NAS port and the == operator. However if I want to add some accounts with multiple entries then .. use huntgroups. Ok I think I understand what needs to be done. So the next question then is how do I setup huntgroups to be in the same database as everything else because as it stands it looks like it can only be a file and I am going to have hundreds of groups and it would be easier to manage in the database. Regards Sean I wrote documentation for how to implement huntgroups in SQL. It does require FreeRADIUS version 2.x because it depends on unlang. You won't need to modify FreeRADIUS 2.x, all you'll need to do is edit some config files and add a table to your database. The documentation is attached as a text file to this email. HTH, John -- John Dennis <mailto:[EMAIL PROTECTED]> <[EMAIL PROTECTED]>
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html