Maybe the problem is here:

rad_recv: Access-Request packet from host 127.0.0.1 port 6729, id=139, length=58
        User-Name = "steve2"
        User-Password = "testing"
        NAS-IP-Address = 192.168.2.251
        NAS-Port = 10



2010/9/1 Alfonso Alejandro Reyes Jiménez <conesh@gmail.com>
Thanks for the advice to everyone.

As per your recomendation we changed the users file with the following line:

steve2    Cleartext-Password := "testing", Huntgroup-Name == "arcsight"

but we got the same result access-reject.

And we got the following output:

rad_recv: Access-Request packet from host 127.0.0.1 port 6729, id=139, length=58
        User-Name = "steve2"
        User-Password = "testing"
        NAS-IP-Address = 192.168.2.251
        NAS-Port = 10
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "steve2", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop

[eap] No EAP-Message, not doing EAP
++[eap] returns noop
++[unix] returns notfound
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user.  Authentication may fail because of this.
++[pap] returns noop
No authenticate method (Auth-Type) configuration found for the request: Rejecting the user
Failed to authenticate the user.
Using Post-Auth-Type Reject
+- entering group REJECT {...}
[attr_filter.access_reject]     expand: %{User-Name} -> steve2
 attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 0 for 1 seconds

Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 0
Sending Access-Reject of id 139 to 127.0.0.1 port 6729
Waking up in 4.9 seconds.
Cleaning up request 0 ID 139 with timestamp +5

I have a question, we remove the autentication value and the debug shows that it is looking for it, why is that?

May be someone that has the huntgroups running can send the examples of the users and huntgroups files, that may help a lot.

Thanks in advance.

Regards

Alfonso.

El 24/08/2010 04:46 a.m., Alan DeKok escribió:
Alfonso Alejandro Reyes Jiménez wrote:
Hi, I'm trying to use the huntgroup feature on the freeradius software
with out luck. I think I'm missing something that's why I'm sending this
email maybe you can help me.
  You should read the debug output of the server.  The answer is in there.

users file at the end:

alfonso  Auth-Type := Local, User-Password == "testing", Huntgroup-Name
== "squid"
  <sigh>  Don't set Auth-Type.  Use "Cleartext-Password := ...", and not
"User-Password == ..."

Here's the output of the debug, it seems that it doesn't find the config
file.
  No.  It finds the DEFAULT entry earlier in the file.

  Why?  This is documented.  Read the comments at the top of the "users"
file.  Read the "man users" page.  Read the FAQ for an example of how to
configure a test user.

  Alan DeKok.

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



--
Carlos Eduardo Tavares Terra
Red Hat Certified Engineer
Consultor em Administração de Redes Linux
GNU/Linux #413291 [http://counter.li.org]