Deleting VLAN information while proxying
Tomasz Wolniewicz
Tomasz.Wolniewicz at uni.torun.pl
Tue Feb 7 19:17:23 CET 2006
Alan DeKok napisał(a):
> Tomasz Wolniewicz <Tomasz.Wolniewicz at uni.torun.pl> wrote:
>
>> Our university radius server sets VLAN information based on user
>> attributes form the LDAP directory.
>> This works fine when the system is used internally. However when our
>> user authenticates while visiting another institution, this VLAN
>> information should not be sent out.
>>
>
> rlm_attr_filter should work, I think.
>
> Alan DeKok.
>
>
Alan,
thanks, but it seems that when freeradius does the internal proxy to
service the eap-ttls then the pre-proxy and post-proxy are not being
entered, and this is where we would expect to put attr_filter. We tried
the post_auth but it refuses to take attr_filter.
Tomasz
More information about the Freeradius-Users
mailing list