Re: Users comming from different Huntgroups
Roger Peña Escobio wrote: Mensaje citado por Florian Prester [EMAIL PROTECTED]: Dustin Doris wrote: [...] You have serverB in both huntgroups. The first one that matches will be used. Therefore, serverB will only be in the premium huntgroup. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Yes I know, because I want the premium people to be able to login at every server, (serverA and serverB). Looking into the huntfile comming with the sourcecode, the server 192.168.2.5 is in both huntgroups (alphen and business) as well! I thought the procedure is like that: The request is arriving, first the username is looked up, then (if) the huntgroup is searched inthe huntgroupe file. If the huntgroup is found, the IP-Address must match!! But this looks like if a huntgroup is set, radius is looking for the NAS-IP-Address in the huntgroup file and the first matching IP-Address is taken, and therefore the depending huntgroup!!! So how can I then manage to have two groups, where the normal users may login from some NAS and the premium users may login from the same and some more!! what about checking Group and not NAS-IP for the premium group and Group _and_ NAS-IP for the normal group in the use file ? i think that what you want to do is more easy without huntgroup at all, just using NAS-IP-Address and Group member (rad)cheking in the users file. roger -- Nodo central de la red Infomed (http://www.sld.cu) Usuario linux: 97152 (http://counter.li.org) Miembro del grupo de coordinacion de LinuxCuba (http://www.linux.cu) Whatever you do will be insignificant, but it is very important that you do it. Gandhi -- - Este mensaje fue enviado usando el servicio de correo en web de Infomed http://webmail.sld.cu - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Hi, but i do not want to work with UNIX-groups on the server. florian - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Users comming from different Huntgroups
Mensaje citado por Florian Prester [EMAIL PROTECTED]: Dustin Doris wrote: [...] You have serverB in both huntgroups. The first one that matches will be used. Therefore, serverB will only be in the premium huntgroup. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Yes I know, because I want the premium people to be able to login at every server, (serverA and serverB). Looking into the huntfile comming with the sourcecode, the server 192.168.2.5 is in both huntgroups (alphen and business) as well! I thought the procedure is like that: The request is arriving, first the username is looked up, then (if) the huntgroup is searched inthe huntgroupe file. If the huntgroup is found, the IP-Address must match!! But this looks like if a huntgroup is set, radius is looking for the NAS-IP-Address in the huntgroup file and the first matching IP-Address is taken, and therefore the depending huntgroup!!! So how can I then manage to have two groups, where the normal users may login from some NAS and the premium users may login from the same and some more!! what about checking Group and not NAS-IP for the premium group and Group _and_ NAS-IP for the normal group in the use file ? i think that what you want to do is more easy without huntgroup at all, just using NAS-IP-Address and Group member (rad)cheking in the users file. roger -- Nodo central de la red Infomed (http://www.sld.cu) Usuario linux: 97152 (http://counter.li.org) Miembro del grupo de coordinacion de LinuxCuba (http://www.linux.cu) Whatever you do will be insignificant, but it is very important that you do it. Gandhi -- - Este mensaje fue enviado usando el servicio de correo en web de Infomed http://webmail.sld.cu - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Users comming from different Huntgroups
Dustin Doris wrote: Dustin Doris wrote: Hi, how can i manage to accept two kind of users: the first: premium, may login from serverA and serverB the second: normal, may only login from serverB I thought to manage this by huntgroup-file: huntgroup-file: premiumNAS-IP-Address == serverA premiumNAS-IP-Address == serverB * *normal NAS-IP-Address == serverB But with this configuration only the premium user can login from serverB, the normal users are denied!! Good start, but what's in your users file? There is more to it, the huntgroup file only defines what is a huntgroup. Something else (such as the users file) will define what to do if someone is in that huntgroup. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html The users file looks like that: user1 Auth-Type := PAP, Crypt-Password == XXX, Huntgroup-Name == premium Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Netmask = 255.255.255.0, Framed-IP-Address = 10.10.11.11 user2 Auth-Type := PAP, Crypt-Password == YYY, Huntgroup-Name == normal Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Netmask = 255.255.255.0, Framed-IP-Address = 10.10.10.11 and user1 is allowed to login, but user2 is denied, also both login from serverB. I am using Freeradius 1.0.1. You have serverB in both huntgroups. The first one that matches will be used. Therefore, serverB will only be in the premium huntgroup. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Yes I know, because I want the premium people to be able to login at every server, (serverA and serverB). Looking into the huntfile comming with the sourcecode, the server 192.168.2.5 is in both huntgroups (alphen and business) as well! I thought the procedure is like that: The request is arriving, first the username is looked up, then (if) the huntgroup is searched inthe huntgroupe file. If the huntgroup is found, the IP-Address must match!! But this looks like if a huntgroup is set, radius is looking for the NAS-IP-Address in the huntgroup file and the first matching IP-Address is taken, and therefore the depending huntgroup!!! So how can I then manage to have two groups, where the normal users may login from some NAS and the premium users may login from the same and some more!! thanks florian -- -- Dipl. Inf. Florian Prester Network Administration Regionales RechenZentrum Erlangen Universitaet Erlangen-Nuernberg Germany Tel.: +499131 8527813 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Users comming from different Huntgroups
Hi, how can i manage to accept two kind of users: the first: premium, may login from serverA and serverB the second: normal, may only login from serverB I thought to manage this by huntgroup-file: huntgroup-file: premiumNAS-IP-Address == serverA premiumNAS-IP-Address == serverB * *normal NAS-IP-Address == serverB But with this configuration only the premium user can login from serverB, the normal users are denied!! Any suggestions? thanks Florian -- -- Dipl. Inf. Florian Prester Network Administration Regionales RechenZentrum Erlangen Universitaet Erlangen-Nuernberg Germany Tel.: +499131 8527813 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Users comming from different Huntgroups
Hi, how can i manage to accept two kind of users: the first: premium, may login from serverA and serverB the second: normal, may only login from serverB I thought to manage this by huntgroup-file: huntgroup-file: premiumNAS-IP-Address == serverA premiumNAS-IP-Address == serverB * *normal NAS-IP-Address == serverB But with this configuration only the premium user can login from serverB, the normal users are denied!! Good start, but what's in your users file? There is more to it, the huntgroup file only defines what is a huntgroup. Something else (such as the users file) will define what to do if someone is in that huntgroup. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Users comming from different Huntgroups
Dustin Doris wrote: Hi, how can i manage to accept two kind of users: the first: premium, may login from serverA and serverB the second: normal, may only login from serverB I thought to manage this by huntgroup-file: huntgroup-file: premiumNAS-IP-Address == serverA premiumNAS-IP-Address == serverB * *normal NAS-IP-Address == serverB But with this configuration only the premium user can login from serverB, the normal users are denied!! Good start, but what's in your users file? There is more to it, the huntgroup file only defines what is a huntgroup. Something else (such as the users file) will define what to do if someone is in that huntgroup. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html The users file looks like that: user1 Auth-Type := PAP, Crypt-Password == XXX, Huntgroup-Name == premium Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Netmask = 255.255.255.0, Framed-IP-Address = 10.10.11.11 user2 Auth-Type := PAP, Crypt-Password == YYY, Huntgroup-Name == normal Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Netmask = 255.255.255.0, Framed-IP-Address = 10.10.10.11 and user1 is allowed to login, but user2 is denied, also both login from serverB. I am using Freeradius 1.0.1. -- -- Dipl. Inf. Florian Prester Network Administration Regionales RechenZentrum Erlangen Universitaet Erlangen-Nuernberg Germany Tel.: +499131 8527813 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Users comming from different Huntgroups
Mensaje citado por Florian Prester [EMAIL PROTECTED]: Dustin Doris wrote: Hi, how can i manage to accept two kind of users: the first: premium, may login from serverA and serverB the second: normal, may only login from serverB I thought to manage this by huntgroup-file: huntgroup-file: premiumNAS-IP-Address == serverA premiumNAS-IP-Address == serverB * *normal NAS-IP-Address == serverB But with this configuration only the premium user can login from serverB, the normal users are denied!! Good start, but what's in your users file? There is more to it, the huntgroup file only defines what is a huntgroup. Something else (such as the users file) will define what to do if someone is in that huntgroup. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html The users file looks like that: user1 Auth-Type := PAP, Crypt-Password == XXX, Huntgroup-Name == premium Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Netmask = 255.255.255.0, Framed-IP-Address = 10.10.11.11 user2 Auth-Type := PAP, Crypt-Password == YYY, Huntgroup-Name == normal Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Netmask = 255.255.255.0, Framed-IP-Address = 10.10.10.11 and user1 is allowed to login, but user2 is denied, also both login from serverB. hi, i notice something, what is the diffence between the premium and normal user from the point of view of the hunt file ? i think that nomral hunt will never evaluate, is it? roger -- Nodo central de la red Infomed (http://www.sld.cu) Usuario linux: 97152 (http://counter.li.org) Miembro del grupo de coordinacion de LinuxCuba (http://www.linux.cu) Whatever you do will be insignificant, but it is very important that you do it. Gandhi -- - Este mensaje fue enviado usando el servicio de correo en web de Infomed http://webmail.sld.cu - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Users comming from different Huntgroups
Dustin Doris wrote: Hi, how can i manage to accept two kind of users: the first: premium, may login from serverA and serverB the second: normal, may only login from serverB I thought to manage this by huntgroup-file: huntgroup-file: premiumNAS-IP-Address == serverA premiumNAS-IP-Address == serverB * *normal NAS-IP-Address == serverB But with this configuration only the premium user can login from serverB, the normal users are denied!! Good start, but what's in your users file? There is more to it, the huntgroup file only defines what is a huntgroup. Something else (such as the users file) will define what to do if someone is in that huntgroup. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html The users file looks like that: user1 Auth-Type := PAP, Crypt-Password == XXX, Huntgroup-Name == premium Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Netmask = 255.255.255.0, Framed-IP-Address = 10.10.11.11 user2 Auth-Type := PAP, Crypt-Password == YYY, Huntgroup-Name == normal Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Netmask = 255.255.255.0, Framed-IP-Address = 10.10.10.11 and user1 is allowed to login, but user2 is denied, also both login from serverB. I am using Freeradius 1.0.1. You have serverB in both huntgroups. The first one that matches will be used. Therefore, serverB will only be in the premium huntgroup. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html