Brenckle, Nicholas wrote:
I had incorrectly thought that the "Hint ==" portion of the entry in the
hints file tied to the users file entry with the same "Hint ==" part.
Sort of a "tie these two things together because they have the same
name" or something.
No.
To reiterate - hints adds items to the incoming request to make them
look as if they came from the NAS. Most often, the "Hint" item is set to
some kind of service name.
The issue is that I do not see the extra attributes passed from the
entry in the users file.
The thing below is an incomplete entry, and your problem is still unclear.
Service-Type = Framed-User,
Framed-Protocol = PPP,
X-Ascend-Data-Filter = "IP IN FORWARD TCP EST",
X-Ascend-Data-Filter += "IP IN FORWARD 0 DSTIP
192.168.100.100/32",
X-Ascend-Data-Filter += "IP IN DROP TCP DSTPORT = 25",
X-Ascend-Data-Filter += "IP IN FORWARD 0",
X-Ascend-Assign-IP-Pool = 0
So if the hints file is not needed to make sure these attributes are
passed to the authenticating user, what does? The user does pass
authentication correctly.
The users file. You would normally have:
user1 User-Password := "pass"
Fall-Through = Yes
user2 Auth-Type := Reject
Reply-Message = "This user is banned",
Fall-Through = No
DEFAULT
Service-Type = Framed-User,
Framed-Protocol = PPP,
Other-Attributes = Go-Here
If you have something along these lines and it isn't working, run the
server under debugging mode with the -X argument and post the output.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
