> Hello Dustin, > > Thanks for your fast answer. > When I put == as the operator for the Huntgroup-Name attribute, I don't > have any more result. > > radius log : > rlm_sql (sql): No matching entry in the database for request from user > [mytestusername] > rlm_sql (sql): Released sql socket id: 4 > modcall[authorize]: module "sql" returns notfound for request 0 > modcall[authorize]: module "mschap" returns noop for request 0 > modcall: group authorize returns ok for request 0 > auth: No authenticate method (Auth-Type) configuration found for the > request: Rejecting the user > auth: Failed to validate the user. > > > Detail file : > Packet-Type = Access-Request > Thu May 12 12:38:36 2005 > User-Name = "mytestusername" > User-Password = "XXXX" > NAS-IP-Address = 127.0.0.1 > NAS-Port = 5060 > Client-IP-Address = 127.0.0.1 > Huntgroup-Name = "PPP" > > I think I will try in another way to stop loosing time. > Thanks for your attention to my message >
Did you update your huntgroups settings with localhost as a PPP huntgroup? >>PPP NAS-IP-Address == 192.168.2.1 >>VPN NAS-IP-Address == 192.168.2.2 Your packet had nas-ip-address of 127.0.0.1, so your user should not have matched according to your huntgroup definition. Or just try this. $ printf "User-Name = "mytestusername"\nUser-Password = "XXXX"\nNAS-IP-Address = 192.168.2.1\n" | radclient localhost auth yoursecret > > > Dustin Doris wrote: > > >On Wed, 11 May 2005, Julien freeradius wrote: > > > > > > > >>Hello, > >> > >>I would like to set freeradius to send a PPP like configuration if the > >>request come from a nas and a VPN style configuration if coming from > >>another NAS. More or less like that : > >> > >>huntgroups file: > >>PPP NAS-IP-Address == 192.168.2.1 > >>VPN NAS-IP-Address == 192.168.2.2 > >> > >> > >>Users file: > >> > >>DEFAULT Huntgroup-Name = "PPP" > >> Framed-Protocol = PPP, > >> Framed-Compression = Van-Jacobson-TCP-IP, > >> Framed-IP-Address = 255.255.255.254 > >> > >>DEFAULT Huntgroup-Name = "VPN" > >> CVPN3000-Primary-DNS = "XXX.XXX.XXX.XXX", > >> CVPN3000-Secondary-DNS = "XXX.XXX.XXX.XXX" > >> > >> > >>But I'm using MySQL. So I have set it as this: > >> > >>Usergroup table : > >> > >>| id | UserName | GroupName | > >>| 1 | TestUser | confPPP | > >>| 2 | TestUser | confVPN | > >> > >>Radgroupcheck Table : > >> > >>| id | GroupName | Attribute | op | > >>Value | > >>| 4 | confVPN | Huntgroup-Name | += | VPN | > >>| 8 | confPPP | Huntgroup-Name | += | > >>PPP | > >> > >> > > > >Why do you have the operator as += ? Try it with == instead. > > > > > > > >>RadgroupReply table : > >> > >>| id | GroupName | Attribute > >> | op | Value | prio | > >>| 701 | confPPP | Framed-Address | > >>:= | 255.255.255.254 | 3 | > >>| 700 | confPPP | Framed-Protocol > >>| := | PPP | 2 | > >>| 702 | confPPP | Framed-Compression | := > >> | Van-Jacobsen-TCP-IP | 4 | > >>| 711 | confPPP | Fall-Through > >> | := | No | 5 | > >>| 703 | confVPN | CVPN3000-Primary-DNS | := | > >>1 | 0 | > >>| 704 | confVPN | CVPN3000-Secondary-DNS | := | > >>1 | 0 | > >> > >> > >>The authentification work, the huntgroup is well match (I see the hunt > >>group on the log), but the reply include always both data, the reply of > >>the VPN AND the reply of the PPP. How can I reply only the VPN > >>attributes when the request is coming from the VPN nas and PPP atribute > >>for the other one. > >> > >>Thanks in advance. > >> > >> > >> > > > >Read man 5 users. In that it says += always matches as a check item and > >== matches if the named attribute is present and has the given value. > > > >I think that is where your problem lies. > > > > > > > >- > >List info/subscribe/unsubscribe? See > >http://www.freeradius.org/list/users.html > > > > > > > > > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
