Clients connecting without group

Phil Mayers p.mayers at
Mon Feb 18 18:04:35 CET 2013

On 18/02/13 16:43, Michell wrote:
> Hello all,
> what would be the best way to not allow the user connection that does
> not have a group or have a group that does not exist?

What does "have a group that does not exist" mean? How can you be in a 
group that doesn't exist?

> Should I create a policy or a check attributes. Does anyone have an example?

Since you didn't specify where your groups are stored, it's difficult to 
help you.

> I have the problem of authenticating customers without being group and
> navigating without bandwidth control, as this is defined by the groups
> in radius.

Well, you control the group. You could change your data generation 
procedures to ensure that someone is *always* in a group.

> This issue has already been addressed here, but still not getting success.

It's too vague. Be more specific.

You can easily exclude people not in any group. Presumably, since you 
will be setting attributes for each group, you just have a final "deny 
all" policy.

Or you create a group that contains everyone, with low precedence, and 
set a "reject" on that.

More information about the Freeradius-Users mailing list