Line 204 in my users file is the following: DEFAULT Auth-Type := Reject My MySQL databse also stores huntgroup information for the FreeRadius server. I want to reject authentication by default on all my nas devices unless the usergroup which the user belongs to is allowed to access that huntgroup. I've basically followed this guide: http://wiki.freeradius.org/SQL_Huntgroup_HOWTO my radhuntgroup config: +----+-----------+----------------+----------------+------------------+ | id | groupname | nasipaddress | nasportid | usergroup | +----+-----------+----------------+----------------+------------------+ | 1 | admin | 192.168.1.1 | tty | engineeringadmin | my radgroupcheck config: +----+------------------+----------------+----+----------------+ | id | groupname | attribute | op | value | +----+------------------+----------------+----+----------------+ | 5 | engineeringadmin | Huntgroup-Name | == | admin | | 6 | engineeringadmin | Auth-Type | := | Accept | On Thu, Jan 21, 2010 at 6:21 PM, Alan Buxey <A.L.M.Buxey@lboro.ac.uk> wrote:
Hi,
users: Matched entry DEFAULT at line 204 ++[files] returns ok
whats on line 204 or your users file? the reason why I ask is because......
rlm_pap: Found existing Auth-Type, not changing it. ++[pap] returns noop rad_check_password: Found Auth-Type Accept rad_check_password: Auth-Type = Accept, accepting the user Login OK: [john.doe] (from client routerA port 1 cli 192.168.1.1)
see that? the system has been told that the Auth-Type is Accept. the only place it picked that yup from is the users file.
alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html