RE: Huntgroup "GROUP"?
I have gotten a user to only respond if connected from one nas. Putting in the auth-type:= reject didn't work. Removing it all together worked... this is what I have .. If I put in multiple client ip's it doesn't work at all. Is their something special to have it use multiple client ip's? Is their a way to define "IN the user profile" not the huntgroup list. I can add "one" Client-IP-Address attribute to the Rad Group Check table and it does what I want. Is their and attribute something like Huntgroup = hunt1,hunt2 pork1 Client-IP-Address == 208.243.100.5, Password == test Thanx -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Wednesday, February 02, 2005 6:57 PM To: freeradius-users@lists.freeradius.org Subject: Re: Huntgroup "GROUP"? "Cris Boisvert" <[EMAIL PROTECTED]> wrote: > I have this in the users file > > pork1 Client-IP-Address != 208.243.100.5, Auth-Type := reject, Password == > "test" > > When I test from that nas I get a reject every time. See what debugging mode says. > Ideas? Try putting the password in a different entry of the "users" file. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.8.3 - Release Date: 1/31/2005 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Huntgroup "GROUP"?
Mensaje citado por Alan DeKok <[EMAIL PROTECTED]>: > "Cris Boisvert" <[EMAIL PROTECTED]> wrote: > > I have this in the users file > > > > pork1 Client-IP-Address != 208.243.100.5, Auth-Type := reject, Password == here yo say "Client-IP-Address" > > "test" > > > > When I test from that nas I get a reject every time. but here you say you are testing from a nas maybe is better to use NAS-IP-Address insted of Client-IP-Address, it suppose to be the same but roger -- Nodo central de la red Infomed (http://www.sld.cu) Usuario linux: 97152 (http://counter.li.org) Miembro del grupo de coordinacion de LinuxCuba (http://www.linux.cu) "Whatever you do will be insignificant, but it is very important that you do it." Gandhi -- - Este mensaje fue enviado usando el servicio de correo en web de Infomed http://webmail.sld.cu - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Huntgroup "GROUP"?
Firstly, run the server in debug mode (as it says in the doco), and you can see exactly what its doing, and why you are being rejected: radiusd -X Secondly, the user password attribute is called User-Password (as per the examples in the users file), so try that. Regards, Mike >-Original Message- >From: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED] On Behalf >Of Cris Boisvert >Sent: Thursday, 3 February 2005 4:39 AM >To: freeradius-users@lists.freeradius.org >Subject: RE: Huntgroup "GROUP"? > >I have this in the users file > >pork1 Client-IP-Address != 208.243.100.5, Auth-Type := >reject, Password == >"test" > >When I test from that nas I get a reject every time. > >Ideas? > >Thanx > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Huntgroup "GROUP"?
"Cris Boisvert" <[EMAIL PROTECTED]> wrote: > I have this in the users file > > pork1 Client-IP-Address != 208.243.100.5, Auth-Type := reject, Password == > "test" > > When I test from that nas I get a reject every time. See what debugging mode says. > Ideas? Try putting the password in a different entry of the "users" file. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Huntgroup "GROUP"?
I have this in the users file pork1 Client-IP-Address != 208.243.100.5, Auth-Type := reject, Password == "test" When I test from that nas I get a reject every time. Ideas? Thanx -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dustin Doris Sent: Wednesday, February 02, 2005 10:26 AM To: freeradius-users@lists.freeradius.org Subject: RE: Huntgroup "GROUP"? That line below means if the client is not 1.2.3.4, then reject. On Tue, 1 Feb 2005, Cris Boisvert wrote: > Does this mean... the client ip has to be 1.2.3.4 if not reject > Or if the client ip is this reject? > > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok > Sent: Monday, January 31, 2005 5:14 PM > To: freeradius-users@lists.freeradius.org > Subject: Re: Huntgroup "GROUP"? > > "Cris Boisvert" <[EMAIL PROTECTED]> wrote: > > Is their a way to do that to keep users from authenticating from other > nas's > > Other than adding all the users to the appropriate huntgroup? > > user Client-IP-Address != 1.2.3.4, Auth-Type := Reject > ... > > > For multiple NASes, the huntgroups are the simplest way (for now). > > Alan DeKok. > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > > -- > No virus found in this incoming message. > Checked by AVG Anti-Virus. > Version: 7.0.300 / Virus Database: 265.8.3 - Release Date: 1/31/2005 > > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.8.3 - Release Date: 1/31/2005 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Huntgroup "GROUP"?
That line below means if the client is not 1.2.3.4, then reject. On Tue, 1 Feb 2005, Cris Boisvert wrote: > Does this mean... the client ip has to be 1.2.3.4 if not reject > Or if the client ip is this reject? > > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok > Sent: Monday, January 31, 2005 5:14 PM > To: freeradius-users@lists.freeradius.org > Subject: Re: Huntgroup "GROUP"? > > "Cris Boisvert" <[EMAIL PROTECTED]> wrote: > > Is their a way to do that to keep users from authenticating from other > nas's > > Other than adding all the users to the appropriate huntgroup? > > user Client-IP-Address != 1.2.3.4, Auth-Type := Reject > ... > > > For multiple NASes, the huntgroups are the simplest way (for now). > > Alan DeKok. > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > > -- > No virus found in this incoming message. > Checked by AVG Anti-Virus. > Version: 7.0.300 / Virus Database: 265.8.3 - Release Date: 1/31/2005 > > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Huntgroup "GROUP"?
Does this mean... the client ip has to be 1.2.3.4 if not reject Or if the client ip is this reject? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Monday, January 31, 2005 5:14 PM To: freeradius-users@lists.freeradius.org Subject: Re: Huntgroup "GROUP"? "Cris Boisvert" <[EMAIL PROTECTED]> wrote: > Is their a way to do that to keep users from authenticating from other nas's > Other than adding all the users to the appropriate huntgroup? userClient-IP-Address != 1.2.3.4, Auth-Type := Reject ... For multiple NASes, the huntgroups are the simplest way (for now). Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.8.3 - Release Date: 1/31/2005 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Huntgroup "GROUP"?
"Cris Boisvert" <[EMAIL PROTECTED]> wrote: > Is their a way to do that to keep users from authenticating from other nas's > Other than adding all the users to the appropriate huntgroup? userClient-IP-Address != 1.2.3.4, Auth-Type := Reject ... For multiple NASes, the huntgroups are the simplest way (for now). Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Huntgroup "GROUP"?
Is their a way to do that to keep users from authenticating from other nas's Other than adding all the users to the appropriate huntgroup? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Monday, January 31, 2005 3:45 PM To: freeradius-users@lists.freeradius.org Subject: Re: Huntgroup "GROUP"? "Cris Boisvert" <[EMAIL PROTECTED]> wrote: > Does the place where is says "Group" refer to the same radgroupreply table > In the database? No. It refers to Unix groups. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.8.3 - Release Date: 1/31/2005 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Huntgroup "GROUP"?
"Cris Boisvert" <[EMAIL PROTECTED]> wrote: > Does the place where is says "Group" refer to the same radgroupreply table > In the database? No. It refers to Unix groups. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
