Huntgroup Checking
simonm123
simon.morley at me.com
Sun Oct 30 17:54:10 CET 2011
Am new to freeradius but have it mainly set up just fine. It's a fantastic
tool and I'm enjoying using it :)
Just one thing I'm struggling with is the huntgroups. I've followed the wiki
to the letter and can see the server checking in the debug log.
What I basically want to do is restrict users to certain networks, as per
the wiki. If their huntgroup-name matches their huntgroup based on nasip,
they can get online, otherwise they're rejected.
I've put Huntgroup-Name = NetworkA in my radgroupcheck folder.
In my radhuntgroup table, I have the nasip and groupname = NetworkA
Then, in the authorize section of my default host, I put:
update request {
Huntgroup-Name := "%{sql:SELECT `groupname` FROM `radhuntgroup` WHERE
nasipaddress='%{NAS-IP-Address}'}"
}
if (Huntgroup-Name == ''){
reject
}
All as per the tutorial
In my debug log, if there is no match by IP, Huntgroup-Name is blank and the
user is rejected.
However, if the nasip address match but the name is different, the user is
still allowed on.
Do I need a more advanced query in the if section and if so,could you please
advise what it should be
Simon
--
View this message in context: http://freeradius.1045715.n5.nabble.com/Huntgroup-Checking-tp4950385p4950385.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
More information about the Freeradius-Users
mailing list