Huntgroup matching when using PostgreSQL to authenticate users in 3.0.13

Gianni Costanzi gianni.costanzi at gmail.com
Wed Dec 6 17:18:51 CET 2017


Hi,
we have a working 3.0.13 Freeradius installation which authenticates users
using a PostgreSQL DB and I was wondering where I should add the Huntgroup
matching in the sql DB.

For example I've put the following configuration within the PostgreSQL
database tables (radcheck for the secret, radreply for the returned
parameters)

c89c.1dd9.ce81          Cleartext-Password := "mysecret"
                        ERX-Virtual-Router-Name = default:vrf-test,
                        ERX-Qos-Set-Name = "XXXX",
                        ERX-CoS-Shaping-Pmt-Type = "T01 SM-xxx",
                        ERX-CoS-Shaping-Pmt-Type += "T02 8M",
                        ERX-CoS-Shaping-Pmt-Type += "T03 1M"

With the users file it is easy to implement huntgroup matching, I could
return different parameters for the same user depending on the huntgroup
with:

c89c.1dd9.ce81          Cleartext-Password := "mysecret", Huntgroup-Name ==
XXX
                        ERX-Virtual-Router-Name = default:vrf-XXX,
                        [...]

c89c.1dd9.ce81          Cleartext-Password := "mysecret", Huntgroup-Name ==
YYY
                        ERX-Virtual-Router-Name = default:vrf-YYY,
                        [...]

Maybe it is not possible to implement this behavior with a DB backend, but
I would be happy to know at least how to use a single Huntgroup-Name
matching for the users contained within the PostgreSQL DB (I want to
autenticate users with the data in the DB only if the NAS-IP-Address from
where they are authenticated matches a specific huntgroup)

Best regards,
    Gianni Costanzi


More information about the Freeradius-Users mailing list