Different Groups

Norman Zhang norman.zhang at gmail.com
Wed May 2 04:02:33 CEST 2007


Norman Zhang wrote:
> tnt at kalik.co.yu wrote:
>> Yes. Use NAS-IP-Address as check item. If you need a list of groups
>> and/or users/callerIDs/etc. that are allowed then use a huntgroup.
> 
> I added the following lines to huntgroup.
> 
> fw-pix		NAS-IP-Address == 10.0.0.1
> fw-pix		NAS-IP-Address == 10.0.0.2
> 
> fw-pix-group	NAS-IP-Address == 10.0.0.1
> 		User-Name = fw-admin,
> 		Group = fw-group


I also added the following lines to users

DEFAULT Group = fw-group
	cisco-avpair := "shell:priv-lvl=15"

DEFAULT Huntgroup-Name == "fw-pix"
	Fall-Through = Yes

but I still cannot work. Now there's nothing showing with debug mode. 
Can someone please give me a few pointers?

Norman




More information about the Freeradius-Users mailing list