How to reject when user is not in the appropiate Huntgroup for site?

Alan DeKok aland at
Thu Sep 11 17:05:42 CEST 2014

Jeroen Bosch wrote:
> I'm trying to setup Huntgroups using the
> after adding "update reply {
>         Huntgroup-Name := "%{sql:SELECT groupname FROM radhuntgroup
> WHERE nasipaddress='%{NAS-IP-Address}'}"
> }"
> to my sites-enabled/default I do see the queries in the debugging
> information checking if the supplied user is part of the Huntgroup
> however when this is not the case the user still get's access:

  You should follow the REST of that guide.  Specifically, add an entry
to the "radgroupcheck" table.

  Alan DeKok.

More information about the Freeradius-Users mailing list