How to assign vlan / manage different user groups

Götz Reinicke - IT-Koordinator goetz.reinicke at filmakademie.de
Tue Apr 5 16:53:08 CEST 2011 

Thanks,

may I ask you to send me the config you use in freeradius? That would be
great!

	/Götz

Am 05.04.11 16:42, schrieb schilling:
> We are using wlan - freeradius - ldap too.
> In the freeradius, you check ldap whether username is in student or
> nonstudent group, then you need to send back either
> IETF 64 65 81 or some vendor specific attributes
> 
> On the WLAN controller, you then either use the IETF 64 65 81 or
> vendor specific attributes to drop the user session in the VLAN.
> 
> Schilling
> 
> 
> 
> On Tue, Apr 5, 2011 at 9:07 AM, Götz Reinicke - IT-Koordinator
> <goetz.reinicke at filmakademie.de> wrote:
>> Hi,
>>
>> may be someone can point me into the right direction:
>>
>> we do have a new wlan - freeradius - ldap setup and want to assign two
>> main usergroups to two main wlans.
>>
>> Each wlan has an own vlan.
>>
>> We use cisco switches and APs and got a wlan controller.
>>
>> So far we do have different SSIDs and all users can access both WLANs
>> with their username/password stored in our ldap.
>>
>> Now we'd like students only to be able to access the students WLAN and
>> employees to access there WLAN.
>>
>> My question: Where is the point to start to configure such a setup?
>>
>> I think, somewhere there must be some sort of check if the user
>> assceesing the e.g. student wlan is in the primary posixgroup student.
>>
>> Or do I have to 'send' the VLAN ID to the network devices?
>>
>>
>> Thanks for any hint and best regards
>>
>>        Götz Reinicke
>> --


-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 420
Fax  +49 7141 969 55 420
E-Mail goetz.reinicke at filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016
Vorsitzende des Aufsichtsrats:
Prof. Dr. Claudia Hübner

Geschäftsführer:
Prof. Thomas Schadt

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6656 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20110405/15d6448a/attachment.bin>

More information about the Freeradius-Users mailing list