-----Original Message----- From: [email protected] [mailto:[email protected]] Sent: Monday, 19 January 2009 10:52 p.m. To: FreeRadius users mailing list Subject: Re: Huntgroups issue - every user is accepted
> >The goal is to suppress roaming between hotspot routers, between groups of > >hotspots. > > > > > >`radhuntgroup` > > > >`id`, `groupname`, `calledstationid` > > > >1, 'Test-Rejec', '00-1D-7E-E7-96-9F' > > > > > > > >`usergroup` > > > >`UserName`, `GroupName`, `priority` > > > >'yubvef13', 'TestGroup', 1 > > > > > This is OK. > > > >`radgroupcheck` > > > >`id`, `GroupName`, `Attribute`, `op`, `Value` > > > >1, 'TestGroup', 'Huntgroup-Name', ':=', 'Test' > > > This doesn't check anything. It sets huntgroup to Test. > As I understand it you want to reject huntgroups that are not Test. So > make such a policy: > Huntgroup-Name != "Test", Auth-Type := Reject Thanks for your response. It overlapped time wise with one from Alan. However, the issue remains: I do not want the user to be rejected per se. I only want the user to be rejected if her own huntgroup as stored in radgroupcheck is different from the huntgroup of the Called-Station-Id in the radhuntgroup table. The goal is to prevent a user to login to a hotspot router, that does not belong to the huntgroup the user belongs to. I am sorry if I have left out any other configuration, but again, according to the howto in the freeradius wiki, what I have configured is all that is necessary. But the wiki seems to be incorrect, so what do I need to configure to have a request rejected, where a user's huntgroup and an NAS huntgroup do not match? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
