distinction between users on different AP (talking to the same radius server)
liran tal
liransgarage at gmail.com
Sun Nov 19 11:17:59 CET 2006
I'll try to elaborate on this...
There are two access points deployed in two different locations, they both
speak to a central radius sever,
it looks like this:
AP1 - DHCP Address Pool 172.19.1.0/24
AP2 - DHCP Address Pool 172.19.2.0/24
Now, say user foo got connected to AP1, in the logs I will see he received
FramedIPAddress 172.19.1.250
so I will know for a fact that the user is conneccting from AP1 rather than
AP2.
So I'm asking if there's a better way to do this rather than by configuring
different subnets on the dhcp server of the APs.
A NASIPAddress is actually a good solution but I'm not going with that cause
I can't be sure that it's a static one (some APs
receive their "wan" interface address by DHCP which may vary all the time).
So any other ideas...
On 11/19/06, K. Hoercher <wbhoer at gmail.com> wrote:
>
> On 11/19/06, liran tal <liransgarage at gmail.com> wrote:
> > I want to spread several access points in different locations (they all
> talk
> > to a central radius) and then i want to distinct one location from
> another
> > for example user foo can login from either location but id like to make
> the
> > distinction from which ap he got connected from... whats the best way to
> do
> > that?
>
> I won't assert something about the following being the best way, but I
> would normally think of some rules in hints and/or users file matching
> on pertinent combinations of User-Name, NAS-IP-Address,
> Called-Station-Id etc. depending on the setup you actually want to
> implement.
>
> > I was thinking of one method which is to configure in each AP a
> different
> > subnet mask for the DHCP allocations
> > and then make the distinction based on that but I'm looking for a more
> > elegant way.
>
> As a side note to that: while I don't have a clear understanding of
> what the meaning of "different subnet mask"s in that context could
> possibly be, under sort of normal circumstances dhcp would happen
> after users' machines associate/authenticate on an ap.
>
> regards
> K. Hoercher
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20061119/9d8f376d/attachment.html>
More information about the Freeradius-Users
mailing list