huntgroup check problems
Oscar Remírez de Ganuza Satrústegui
oscarrdg at unav.es
Fri Jan 20 12:43:22 CET 2012
On Fri, Jan 20, 2012 at 12:18 PM, Alan DeKok <aland at deployingradius.com>wrote:
> Oscar Remírez de Ganuza Satrústegui wrote:
>
> > I am having some problems using huntgroups to identified the origin of a
> > request.
> > I have simplified the test trying to find out the problem, but I do not
> > understand what it is happening:
>
> > (The "notworking log" is appended at the end of the message. I had to
> > trim it to make it shorter)
>
> It would have been better to follow the instruction in the FAQ,
> README, "man" page, web pages, and daily on this list: "radiusd -X".
> Using "radiusd -xX" produces 2x the output, and is NOT needed.
>
My bad. Sorry about that.
>
> > I can see in the "not working log" that on the first requests the
> > huntgroup is been recognised ok. I just do not understand why it tries
> > again to check it, until it fails (request #9).
>
> Because it's checking the user *inside* of the TLS tunnel. Go read
> raddb/sites-available/inner-tunnel. You will probably need to modify
> your huntgroup check.
>
Ok, I will have a look at it and try to make it checking at the correct
order.
>
> > I also do not understand why it needs so many requests (12!) to work ok.
>
> That's how 802.1X works. It sends lots of packets.
>
Thank you very much for your fast answer, I really appreciate it.
>
> Alan DeKok.
> <http://www.freeradius.org/list/users.html>
>
*Oscar Remírez de Ganuza Satrústegui*
Servicios Informáticos (Área de Infraestructuras)
Universidad de Navarra
Tel. +34 948425600 x3130
http://www.unav.es/SI/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120120/e25efb55/attachment.html>
More information about the Freeradius-Users
mailing list