On 04/01/13 14:18, Joe Rogers wrote:
I am having difficulties implementing the following users file
configuration in sql using freeradius 2.2.0:
user1 Calling-Station-Id == "xx-xx-xx-xx-xx-xx"
Tunnel-Private-Group-ID = VLAN1,
Tunnel-Medium-Type = IEEE-802,
Tunnel-Type = VLAN
user1 Calling-Station-Id == "yy-yy-yy-yy-yy-yy"
Tunnel-Private-Group-ID = VLAN2,
Tunnel-Medium-Type = IEEE-802,
Tunnel-Type = VLAN
I'm attempting to send different reply attributes for the same username
based on different check attributes. But, I'm having a hard time seeing
how this is possible with rlm_sql using the default
authorize_check_query and authorize_reply_query settings. I can
certainly re-write those queries, but I'm hoping that I'm simply
overlooking the proper way to configure this.
I think you need to rewrite the queries. IIRC there is no way to have >1
set of radcheck/radreply users for a single user; the check/reply
entries are merged.
You can probably (ab)use the groups functionality to do this.
Or, don't use the radcheck/radreply stuff at all; instead use an SQL
xlat in "unlang":
post-auth {
update reply {
Tunnel-Private-Group-ID = "%{sql:select vlan ... where ...}"
Tunnel-Medium-Type = IEEE-802
Tunnel-Type = VLAN
}
}
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html