Hi,
I have 4 NAS-IP-Addresses.
My users are split into 6 groups (some are in multiple groups): public, faculty, staff, student, vpn, and admin.
I would like the users to get access to the NAS by virtue of being in a group.
192.168.1.1 admin 192.168.1.2 vpn 192.168.1.3 & 192.168.1.4 faculty, staff, student & public
To make group of NASes use the huntgroup file, for instance: firstnas NAS-IP-Address == 192.168.1.1 ... lastnas NAS-IP-Address == 192.168.1.3 lastnas NAS-IP-Address == 192.168.1.4 Then define your LDAP server in radiusd.conf Then use the users file to make your rules such as: DEFAULT Huntgroup-Name == firstnas, Ldap-Group == admin Reply-Message = "XXX" Fall-Through = no For more info see: /usr/share/doc/freeradius/rlm_ldap /usr/share/doc/freeradius/ldap_howto.txt HTH, Thibault