Dear Alan,

Thank you for your reply, I did follow the rest of that guide and added the following information:

INSERT INTO `radusergroup` (`username`, `groupname`, `priority`) VALUES
('test', 'site_a_admins', 0);

INSERT INTO `radhuntgroup` (`id`, `groupname`, `nasipaddress`, `nasportid`) VALUES
(1, 'site_a', '192.168.56.2', NULL);

INSERT INTO `radgroupcheck` (`id`, `groupname`, `attribute`, `op`, `value`) VALUES
(3, 'site_a_admins', 'Huntgroup-Name', '==', 'site_a');

If I understand the guide correctly only the test user should be able to logon to site_a, however I am also granted access using my test2 user credentials: did I overlook something? Again, thanks in advance!

Kind regards,

Jeroen Bosch


Design Driven Networking - Smarter, better, controllable networks 

Jeroen Bosch | Developer
Business Centre Leeuwenveldseweg 5n, 1382 LV Weesp, NL

On Thu, Sep 11, 2014 at 5:05 PM, Alan DeKok <aland@deployingradius.com> wrote:
Jeroen Bosch wrote:
> I'm trying to setup Huntgroups using the
> HOWTO http://wiki.freeradius.org/guide/SQL-Huntgroup-HOWTO
>
> after adding "update reply {
>         Huntgroup-Name := "%{sql:SELECT groupname FROM radhuntgroup
> WHERE nasipaddress='%{NAS-IP-Address}'}"
> }"
>
> to my sites-enabled/default I do see the queries in the debugging
> information checking if the supplied user is part of the Huntgroup
> however when this is not the case the user still get's access:

  You should follow the REST of that guide.  Specifically, add an entry
to the "radgroupcheck" table.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html