Can I define the attributes in the users file and leave the actual users in the database.?
So the database will authenticate with the user/pass scenario and they read the users file for the attributes to reply with? Thanx Cris -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dustin Doris Sent: Wednesday, January 05, 2005 10:39 AM To: freeradius-users@lists.freeradius.org Subject: RE: Huntgroup > I apologize about the plain text. > This is what I have in the huntgroup file. > > Huntgroup1 NAS-IP-ADDRESS == 1.2.3.4 > Group = Dialup > Slipstream-Auth = "true", > X-Ascend-Data-Filter == "ip in forward tcp est", > X-Ascend-Data-Filter == "ip in forward dstip 1.2.5.4/32", > X-Ascend-Data-Filter == "ip in drop tcp dstport = 25", > X-Ascend-Data-Filter == "ip in forward", > > > Huntgroup2 NAS-IP-ADDRESS == 1.2.3.5 > Group =Wireless > RB-Context-Name = local, > Fall-Through = yes, > The Huntgroups file is where you list attributes that would match the huntgroup. The users file or sql table is where you will list the attributes you want to reply to the user with. > My users file is empty because I use a Mysql database for the users names. > > > The database is setup like this > > > Username group password > Joe Wireless test > Bob Dialup test > > > > Currently the sql group table responds based on the group I put them in.. > I want it not to be that way. I want it to respond based on the NAS device > the users connects from.. Using huntgroups and users files you can do this. You could also store the reply attributes in a mysql group, but I've never done that, so can't help much on that. huntgroups group1 NAS-IP-Address == 1.1.1.1 group2 NAS-IP-Address == 2.2.2.2 users DEFAULT Huntgroup-Name == group1 X-Ascend-Data-Filter == "ip in forward tcp est", Reply-Attribute2 = value, Reply-Attribute3 = value DEFAULT Huntgroup-Name == group2 Reply-Attribute = value So, when a user comes in it will search the users file. If it comes from 1.1.1.1 it will match huntgroup-name group1. Then it is told to send those particular reply attributes. If the user does not come in from huntgroup1, it won't match and will continue searching the users file until there is a match. I think you just need to simplify your setup. Hope that helps. Remember, in the huntgroups file you just define what matches a huntgroup. You have to define what reply attributes will be returned somewhere else, such as the users file, sql table, ldap, etc... - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.6.8 - Release Date: 1/3/2005 -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.6.8 - Release Date: 1/3/2005 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
