unique authentication per wlan

Paolo Barbato paolo.barbato at igi.cnr.it
Thu Apr 26 15:00:47 CEST 2012

I've solved the problem intercepting Airespace-Wlan-Id, and creating a reject rule in mysql for auth-type attribute, in radgroupreply…..posts on freeradius list has helped a lot.

In this way users defined in mysql , say guest accounts, are not allows to associate to ad_wifi, while AD users are allowed to access both.


On 23/apr/2012, at 08:31, Alan DeKok wrote:

> Paolo Barbato wrote:
>> Is it possible configure freeradius to select a specific authentication
>> mechanism on a  wlan  basis ?
>  Yes.
>> Considering to have a  couple of wlan , say ad_wifi and sql_wifi, I
>> would allow only Active Directory authenticated users to associate to
>> ad_wifi , while only  users defined on a mySQL db can connect to sql_wifi.
>  As always, write the rules based on what's in the packets.  DON'T talk
> about concepts.  They're too vague.
>  Read the packets, and write the rules based on that.
>  Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Paolo Barbato

Consorzio RFX
corso Stati Uniti,4                                  
35127 Padova - Italy                     	                  
Network Administrator 
phone: +39 049 8295097 fax: +39 049 8700718

More information about the Freeradius-Users mailing list