On Wed, Aug 1, 2012 at 3:32 PM, Kaya Saman <[email protected]> wrote: > On Wed, Aug 1, 2012 at 1:36 PM, Fajar A. Nugraha <[email protected]> wrote: >> On Wed, Aug 1, 2012 at 7:20 PM, Kaya Saman <[email protected]> wrote: >>> IF %User-Name notfound IN SQL >>> >> >> This one might not work the way you intended. What you've done so far, >> the "=" part says "add this attribute if it doesn't already exist" >> (e.g. not in SQL) >> >> If you HAVE to do "notfound" check, something like this MIGHT work >> >> authorize { >> >> sql >> if (notfound) { >> ... >> } >> >> } >> >>> Accept AND Provision onto VLAN 80 (my demo guest vlan in this case but >>> could be any number (n)) >> >> Then just add Auth-Type = Accept inside the update block. >> >> -- >> Fajar >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/users.html > > > I tried this method which didn't work.... The expression came out TRUE > but then it failed to authenticate :-( > > > If however, as Alan B. suggested to add a DEFAULT entry to the > /etc/raddb/users file is 'better' then I'd be happy to go down that > route. > > > I have already started testing with it but again I'm doing something > wrong so it isn't able to process the information properly. > > > This is the output I have: > > > Users: > > > DEFAULT Auth-Type := Accept > Tunnel-Type:0 = VLAN, > Tunnel-Medium-type:0 = IEEE-802, > Tunnel-Private-Group-Id:0 = "80", > Tunnel-Preference:0 = 0x000000, > Fall-Through = Yes > > I tried also with the basic: > > DEFAULT Auth-Type := Accept (tried with = too, though found more > references to using := in Google) > > > This is the result of trying to start FR with that in place: > > > Module: Linked to module rlm_files > Module: Instantiating module "files" from file /etc/raddb/modules/files > files { > usersfile = "/etc/raddb/users" > acctusersfile = "/etc/raddb/acct_users" > preproxy_usersfile = "/etc/raddb/preproxy_users" > compat = "no" > } > Couldn't open /etc/raddb/acct_users for reading: Permission denied > Errors reading /etc/raddb/acct_users > /etc/raddb/modules/files[7]: Instantiation failed for module "files" > /etc/raddb/sites-enabled/inner-tunnel[133]: Failed to load module "files". > /etc/raddb/sites-enabled/inner-tunnel[47]: Errors parsing authorize section. > > > Is the error here due to the 'users' file not containing correct > information, or do I need to uncomment/adapt one of the lines in > acct_users? > > > > Regards, > > > Kaya
Please ignore the above earlier posting!! I managed to get FR up and running. It was a permissions thing on the files called by rlm_files module!!! One quick question now: This is the only config in my 'users' file: > DEFAULT Auth-Type := Accept > Tunnel-Type:0 = VLAN, > Tunnel-Medium-type:0 = IEEE-802, > Tunnel-Private-Group-Id:0 = "80", > Tunnel-Preference:0 = 0x000000, > Fall-Through = Yes Do I really need the Fall-Through statement? This basically if I understand correctly, claims that IF nothing matches against the DEFAULT statement go to the NEXT statement..... If this is so I can get rid of it since it would 'extra' unnecessary config! Thanks for all the help in the meantime :-) Regards, Kaya - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
