Yup, that did it!!! Thanks Alan!! -----Original Message----- From: freeradius-users-bounces@lists.freeradius.org [mailto:freeradius-users-bounces@lists.freeradius.org] On Behalf Of Alan DeKok Sent: Friday, October 14, 2005 4:51 PM To: lsantiago@globalgatewaycom.com; FreeRadius users mailing list Subject: Re: Group checking - Radius AVP retrieval <lenirsantiago@yahoo.com> wrote:
These are mysql tables:
+----+----------+-----------+----+----------+ | id | UserName | Attribute | op | Value | +----+----------+-----------+----+----------+ | 1 | Jhassell | Password | == | changeme |
Use := rather than ==. See the rlm_sql documentation.
| 8 | 1000 | Auth-Type | := | Digest | +----+----------+-----------+----+----------+
This forces digest authentication, even if they don't use digest. Don't set Auth-Type unless you REALLY know what you're doing.
rad_recv: Access-Request packet from host xx.xx.xx.xx:33025, id=15, length=67 User-Name = "1000@xx.xx.xx.xx" Sip-Group = "Dialin2" Service-Type = Group-Check NAS-IP-Address = 127.0.0.1 NAS-Port = 0
There's no User-password *or* digest attributes in the packet, so you can't do PAP or digest authentication. If you don't set Auth-type := Digest, it looks like it might work. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html