Huntgroup matching when using PostgreSQL to authenticate users in 3.0.13

Gianni Costanzi gianni.costanzi at
Wed Dec 6 17:18:51 CET 2017

we have a working 3.0.13 Freeradius installation which authenticates users
using a PostgreSQL DB and I was wondering where I should add the Huntgroup
matching in the sql DB.

For example I've put the following configuration within the PostgreSQL
database tables (radcheck for the secret, radreply for the returned

c89c.1dd9.ce81          Cleartext-Password := "mysecret"
                        ERX-Virtual-Router-Name = default:vrf-test,
                        ERX-Qos-Set-Name = "XXXX",
                        ERX-CoS-Shaping-Pmt-Type = "T01 SM-xxx",
                        ERX-CoS-Shaping-Pmt-Type += "T02 8M",
                        ERX-CoS-Shaping-Pmt-Type += "T03 1M"

With the users file it is easy to implement huntgroup matching, I could
return different parameters for the same user depending on the huntgroup

c89c.1dd9.ce81          Cleartext-Password := "mysecret", Huntgroup-Name ==
                        ERX-Virtual-Router-Name = default:vrf-XXX,

c89c.1dd9.ce81          Cleartext-Password := "mysecret", Huntgroup-Name ==
                        ERX-Virtual-Router-Name = default:vrf-YYY,

Maybe it is not possible to implement this behavior with a DB backend, but
I would be happy to know at least how to use a single Huntgroup-Name
matching for the users contained within the PostgreSQL DB (I want to
autenticate users with the data in the DB only if the NAS-IP-Address from
where they are authenticated matches a specific huntgroup)

Best regards,
    Gianni Costanzi

More information about the Freeradius-Users mailing list