how to disable a particular EAP type in freeradius2 for a particular ESSID ?
Riccardo Veraldi
Riccardo.Veraldi at cnaf.infn.it
Sat Feb 11 09:07:49 CET 2012
On 2/10/12 6:54 PM, Alan Buxey wrote:
> Yes. Perfectly possible...just need to make copies of the 'files'
> module file, then give it is name (as per docs), then out a different
> users file in the second copy. In the virtual server you can then call
> the copy of the files module that uses that different file.
>
>
> Personally I'd just use one small bit of unlang eg
>
> if(%{Called-Station-Id} ~= /:ssid$/i && EAP-Type = EAP-TLS) {
> access-reject
> }
>
> (example quick code!)...this assumes the request coming from the
> AP/controller has the SSID embedded in it.....
>
Yes I wanted to use this solution but the problem is that when my Cisco
1200 access points contact freeradius, there is no SSID like
attribute in the communication, in the request there is no SSID... I
will try with the copy of module file I did not figure out it form the docs.
thank you
> alan
>
More information about the Freeradius-Users
mailing list