RE: Huntgroup GROUP?
That line below means if the client is not 1.2.3.4, then reject. On Tue, 1 Feb 2005, Cris Boisvert wrote: Does this mean... the client ip has to be 1.2.3.4 if not reject Or if the client ip is this reject? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Monday, January 31, 2005 5:14 PM To: freeradius-users@lists.freeradius.org Subject: Re: Huntgroup GROUP? Cris Boisvert [EMAIL PROTECTED] wrote: Is their a way to do that to keep users from authenticating from other nas's Other than adding all the users to the appropriate huntgroup? user Client-IP-Address != 1.2.3.4, Auth-Type := Reject ... For multiple NASes, the huntgroups are the simplest way (for now). Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.8.3 - Release Date: 1/31/2005 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Huntgroup GROUP?
I have this in the users file pork1 Client-IP-Address != 208.243.100.5, Auth-Type := reject, Password == test When I test from that nas I get a reject every time. Ideas? Thanx -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dustin Doris Sent: Wednesday, February 02, 2005 10:26 AM To: freeradius-users@lists.freeradius.org Subject: RE: Huntgroup GROUP? That line below means if the client is not 1.2.3.4, then reject. On Tue, 1 Feb 2005, Cris Boisvert wrote: Does this mean... the client ip has to be 1.2.3.4 if not reject Or if the client ip is this reject? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Monday, January 31, 2005 5:14 PM To: freeradius-users@lists.freeradius.org Subject: Re: Huntgroup GROUP? Cris Boisvert [EMAIL PROTECTED] wrote: Is their a way to do that to keep users from authenticating from other nas's Other than adding all the users to the appropriate huntgroup? user Client-IP-Address != 1.2.3.4, Auth-Type := Reject ... For multiple NASes, the huntgroups are the simplest way (for now). Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.8.3 - Release Date: 1/31/2005 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.8.3 - Release Date: 1/31/2005 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Huntgroup GROUP?
Cris Boisvert [EMAIL PROTECTED] wrote: I have this in the users file pork1 Client-IP-Address != 208.243.100.5, Auth-Type := reject, Password == test When I test from that nas I get a reject every time. See what debugging mode says. Ideas? Try putting the password in a different entry of the users file. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Huntgroup GROUP?
Firstly, run the server in debug mode (as it says in the doco), and you can see exactly what its doing, and why you are being rejected: radiusd -X Secondly, the user password attribute is called User-Password (as per the examples in the users file), so try that. Regards, Mike -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Cris Boisvert Sent: Thursday, 3 February 2005 4:39 AM To: freeradius-users@lists.freeradius.org Subject: RE: Huntgroup GROUP? I have this in the users file pork1 Client-IP-Address != 208.243.100.5, Auth-Type := reject, Password == test When I test from that nas I get a reject every time. Ideas? Thanx - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Huntgroup GROUP?
Does this mean... the client ip has to be 1.2.3.4 if not reject Or if the client ip is this reject? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Monday, January 31, 2005 5:14 PM To: freeradius-users@lists.freeradius.org Subject: Re: Huntgroup GROUP? Cris Boisvert [EMAIL PROTECTED] wrote: Is their a way to do that to keep users from authenticating from other nas's Other than adding all the users to the appropriate huntgroup? userClient-IP-Address != 1.2.3.4, Auth-Type := Reject ... For multiple NASes, the huntgroups are the simplest way (for now). Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.8.3 - Release Date: 1/31/2005 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Huntgroup GROUP?
Cris Boisvert [EMAIL PROTECTED] wrote: Does the place where is says Group refer to the same radgroupreply table In the database? No. It refers to Unix groups. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Huntgroup GROUP?
Is their a way to do that to keep users from authenticating from other nas's Other than adding all the users to the appropriate huntgroup? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Monday, January 31, 2005 3:45 PM To: freeradius-users@lists.freeradius.org Subject: Re: Huntgroup GROUP? Cris Boisvert [EMAIL PROTECTED] wrote: Does the place where is says Group refer to the same radgroupreply table In the database? No. It refers to Unix groups. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.8.3 - Release Date: 1/31/2005 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Huntgroup GROUP?
Cris Boisvert [EMAIL PROTECTED] wrote: Is their a way to do that to keep users from authenticating from other nas's Other than adding all the users to the appropriate huntgroup? userClient-IP-Address != 1.2.3.4, Auth-Type := Reject ... For multiple NASes, the huntgroups are the simplest way (for now). Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html