Hi, [email protected] wrote: > > I have a firewall that i connect to over SSH to manage. It has a > client entry with a secret in clients.conf, it's got a huntgroup > entry, and the huntgroup has entries in the users file, and > everything is working fine (I think I've got the order right there). > > The frewall also serves as teh VPN server, authenticating users > through radius. But I'd like the VPN users to use a different secret > and, more importantly, a different huntgroup (since the user group > for authentication is different between those two groups). Is that possible? > If you run FreeRADIUS in debugging mode (-X) you should see a difference in the type of incoming requests; typically things like NAS-Port-Type will change or Service-Type. Then using either unlang, hints or huntgroups you will be able to differentiate between them by testing for the presence of these attributes/values or the lack of them.
If the requests are identical, bin the product and tell the venduh why (unless they have a fix). Your only workaround is hope that you can send the different requests to different IP's and/or ports and get FreeRADIUS to use that as the differentiator. Cheers -- Alexander Clouter .sigmonster says: Postmen never die, they just lose their zip. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
