Hi,
I need to separate the users in the
machines that they have access to, i read about the huntgroups file, but
is not working, it seems that the radius is not checking the huntgroup
file to give the access.
I have a freeradius on a Redhat machine,
running with the MySQL database for the users and groups information. I
have the information on the radcheck, the radgroupcheck, and the
radgroup repply tables, all the connections and the authentication works
ok, the problem is that the users have access to all of the machines, even
the ones that they shouldnīt.
This is what i have in my radgroup reply
table..
GroupName
Attribute
op Value
test
Cisco-AVPair
= shell:cmd*
test
Cisco-AVPair
= shell:priv-lvl=15
test
Service-Type
= Shell-User
test
Huntgroup-Name =
name
the hunt group is like this.
#name huntgroup
name NAS-IP-Address
== 10.0.2.244
name NAS-IP-Address
== 10.0.2.246
name NAS-IP-Address
== 10.0.2.248
Group = test
It suppose that the user with that huntgroup
name in their attribute should only be able to connect to those IP addresess..
or thatīs what i expect.. ;)
Thank you.. in advance..
Carlos