Setting VLAN based on Certificate Issuer
aland at deployingradius.com
Thu Nov 20 16:33:31 CET 2008
Edgar Fuß wrote:
> I thought this was a FAQ but apparently it isn't.
> I have an 1.1.7 FreeRADIUS server up and running with EAP/TLS.
> Now, I would like to put clients into different VLANs based on who signed
> their certificate.
> Is there a way to set the Tunnel-Private-Group-Id attribute based on the
> certificate issuer? Is the Rlm_eap module able to export any information
> on the certificate chain?
> Switching to 2.1.1 wouldn't be a problem for me I suppose.
This isn't supported right now. There is no way to access the
There were some patches to enable some of this, but they haven't been
integrated into the server.
More information about the Freeradius-Users