Using user groups to simply my config

Jason Womack jason at
Fri Apr 15 04:00:11 UTC 2022


How I can go about assigning a group value to each user definition and 
then post-auth (I think from reading) use that group name to define the 
specific attributes such as Tunnel-Type, Tunnel-Medium-Type, and 
Tunnel-Private-Group-Id. I simply want to do this to avoid having to 
repeat all these tunnel values for each device.  I am running freeradius 
v3.0.25 on freebsd.

Pseudo Example

authorize file
AABBCCDDEEFFGG Group := "iot", Cleartext-Password := "AABBCCDDEEFFGG"

site-enabled/default (I think it might go here)

if (group == "iot) { #update reply, set Tunnel-* values }

Any guidance someone could provide would be great. All the examples I 
have found seem to be using the mysql backend and I don't have a need 
for the additional complexity but will go down that route if its 

More information about the Freeradius-Users mailing list