huntgroup check problems

Oscar Remírez de Ganuza Satrústegui oscarrdg at unav.es
Fri Jan 27 12:05:46 CET 2012 

Good morning,

I have been studying the configuration of the file
sites-available/inner-tunnel and making some tests. I have found that the
"files" check in the authorize section made my configuration not to work as
desired because, as Alan said, inside the TLS tunnel the huntgroup check
was failing.

As the users file is checked on the first requests received, and the wrong
huntgroup filtered out, it is not necessary to check it again inside the
tunnel. I have removed it from my configuration and it is working ok now.

Just wanted to update how my question got resolved.

Thank you very much again for your help.

Regards,
*
Oscar Remírez de Ganuza Satrústegui*
Servicios Informáticos (Área de Infraestructuras)
Universidad de Navarra
Tel. +34 948425600 x3130
http://www.unav.es/SI/


On Fri, Jan 20, 2012 at 12:43 PM, Oscar Remírez de Ganuza Satrústegui <
oscarrdg at unav.es> wrote:

> On Fri, Jan 20, 2012 at 12:18 PM, Alan DeKok <aland at deployingradius.com>wrote:
>
>> Oscar Remírez de Ganuza Satrústegui wrote:
>>
>>  > I can see in the "not working log" that on the first requests the
>> > huntgroup is been recognised ok. I just do not understand why it tries
>> > again to check it, until it fails (request #9).
>>
>>   Because it's checking the user *inside* of the TLS tunnel.  Go read
>> raddb/sites-available/inner-tunnel.  You will probably need to modify
>> your huntgroup check.
>>
>
> Ok, I will have a look at it and try to make it checking at the correct
> order.
>
>
>>
>> > I also do not understand why it needs so many requests (12!) to work ok.
>>
>>   That's how 802.1X works.  It sends lots of packets.
>>
>
> Thank you very much for your fast answer, I really appreciate it.
>
>
>>
>>  Alan DeKok.
>>  <http://www.freeradius.org/list/users.html>
>>
>
> *Oscar Remírez de Ganuza Satrústegui*
> Servicios Informáticos (Área de Infraestructuras)
> Universidad de Navarra
> Tel. +34 948425600 x3130
> http://www.unav.es/SI/
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120127/6aed0512/attachment.html>

More information about the Freeradius-Users mailing list