huntgroups - doku?
Michael Messner
michael.messner_edv at inode.at
Tue Sep 19 10:19:39 CEST 2006
hello mailinglist,
in my last mail I got the information to use huntgroups to handle the
parameters for different NAS types, but after some research I have not
found good documentation of this!
Anyone knows some good recources?
Here are my new configs, it looks like they are working, but I'm not sure
if this is really the correct way:
/etc/raddb/huntgroups:
enterasys NAS-IP-Address == 141.201.43.115
enterasys NAS-IP-Address == 141.201.43.116
enterasys NAS-IP-Address == 141.201.43.117
cisco NAS-IP-Address == 141.201.43.118
cisco NAS-IP-Address == 141.201.43.119
cisco NAS-IP-Address == 141.201.43.120
one entry in /etc/raddb/users:
DEFAULT LDAP-Group == "CN=adminrole,CN=users,DC=isalab,DC=local",
Huntgroup-Name == "enterasys"
Filter-ID == "Enterasys:version=1:mgmt=su:policy=adminrole",
Reply-Message = "Welcome %{Stripped-User-Name:-%{User-Name:-None}}
in the %{mschap:NT-Domain} - Domain, there are no restrictions for
you in this network",
Fall-Through = No
DEFAULT LDAP-Group == "CN=adminrole,CN=users,DC=isalab,DC=local",
Huntgroup-Name := "cisco"
Cisco-AVPair ==
"aironet:admin-capability=write+snmp+ident+firmware+admin",
Tunnel-Type:1 = 13,
Tunnel-Medium-Type:1 = 6,
Tunnel-Private-Group-ID:1 = 1,
Reply-Message = "Welcome %{Stripped-User-Name:-%{User-Name:-None}}
in the %{mschap:NT-Domain} - Domain, there are no restrictions for
you in this network",
Fall-Through = No
is this the correct way?
thanks mIke
More information about the Freeradius-Users
mailing list