Re: HuntGroup + MySQL

This is a discussion on Re: HuntGroup + MySQL within the FreeRADIUS Users forums, part of the Networking and Network Related category; On Wed, 11 May 2005, Julien freeradius wrote: > Hello, > > I would like to set freeradius to send ...


Go Back   Usenet Forums > Networking and Network Related > FreeRADIUS Users

Reload this Page Re: HuntGroup + MySQL

FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 05-12-2005
Dustin Doris
 
Posts: n/a
Default Re: HuntGroup + MySQL

On Wed, 11 May 2005, Julien freeradius wrote:

> Hello,
>
> I would like to set freeradius to send a PPP like configuration if the
> request come from a nas and a VPN style configuration if coming from
> another NAS. More or less like that :
>
> huntgroups file:
> PPP NAS-IP-Address == 192.168.2.1
> VPN NAS-IP-Address == 192.168.2.2
>
>
> Users file:
>
> DEFAULT Huntgroup-Name = "PPP"
> Framed-Protocol = PPP,
> Framed-Compression = Van-Jacobson-TCP-IP,
> Framed-IP-Address = 255.255.255.254
>
> DEFAULT Huntgroup-Name = "VPN"
> CVPN3000-Primary-DNS = "XXX.XXX.XXX.XXX",
> CVPN3000-Secondary-DNS = "XXX.XXX.XXX.XXX"
>
>
> But I'm using MySQL. So I have set it as this:
>
> Usergroup table :
>
> | id | UserName | GroupName |
> | 1 | TestUser | confPPP |
> | 2 | TestUser | confVPN |
>
> Radgroupcheck Table :
>
> | id | GroupName | Attribute | op |
> Value |
> | 4 | confVPN | Huntgroup-Name | += | VPN |
> | 8 | confPPP | Huntgroup-Name | += |
> PPP |

Why do you have the operator as += ? Try it with == instead.

>
> RadgroupReply table :
>
> | id | GroupName | Attribute
> | op | Value | prio |
> | 701 | confPPP | Framed-Address |
> := | 255.255.255.254 | 3 |
> | 700 | confPPP | Framed-Protocol
> | := | PPP | 2 |
> | 702 | confPPP | Framed-Compression | :=
> | Van-Jacobsen-TCP-IP | 4 |
> | 711 | confPPP | Fall-Through
> | := | No | 5 |
> | 703 | confVPN | CVPN3000-Primary-DNS | := |
> 1 | 0 |
> | 704 | confVPN | CVPN3000-Secondary-DNS | := |
> 1 | 0 |
>
>
> The authentification work, the huntgroup is well match (I see the hunt
> group on the log), but the reply include always both data, the reply of
> the VPN AND the reply of the PPP. How can I reply only the VPN
> attributes when the request is coming from the VPN nas and PPP atribute
> for the other one.
>
> Thanks in advance.
>

Read man 5 users. In that it says += always matches as a check item and
== matches if the named attribute is present and has the given value.

I think that is where your problem lies.



-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Reply With Quote
Reply
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +1. The time now is 11:26 AM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0