Pushing a policy for usergroup and calling station id from Free Radius Server
Subhani sk m
subhani19.cool at gmail.com
Sun Sep 30 14:51:26 CEST 2012
Thanks Fajar.
In previous mail, "Push Policy" means Radius Attribute only. I am
using EAP-TLS and When a client sends a radius request with username
"user1" to radius server. In access accept I am able to see attributes
configured in users file being returned.
In */etc/raddb/users* file
*user1 Cleartext-Password := "user1"*
*
Tunnel-Type := 13,
Tunnel-Medium-Type := 6,
Tunnel-Private-Group-Id := "guest",
*
* LVL7-Wireless-Client-Policy-Dn := "policy1"*,
Similarly for a usergroup say "usergroup1" I should send radius
attributes.. Also with client Mac which can be seen in radius request as
calling station id.
Can we do it from modifying config files instead of modifying sql database?
Regards,
Subhani
On Sun, Sep 30, 2012 at 4:35 PM, Fajar A. Nugraha <list at fajar.net> wrote:
> On Sun, Sep 30, 2012 at 4:53 PM, Subhani sk m <subhani19.cool at gmail.com>
> wrote:
> > Hi,
> >
> > I am using free radius on Linux, Fedora 13. I am able to push policy
> for a
> > user.. I need help on two scenarios given below.
> >
> > 1.how to push policy for a specific usergroup from free radius sever
> >
>
> Depends on what you mean by "push policy". If it's just "return some
> radius attribute"), then if you use database, simply put it on
> radgroupreply table. See the included documentation, or
> http://wiki.freeradius.org/modules/Rlm_sql
>
> > 2. how to push a policy for a specific Calling-Station-ID like
> > 00:16:6F:A2:XX:XX [ no user specific policy returned]
>
> Short version? Use unlang (http://freeradius.org/radiusd/man/unlang.html)
>
> --
> Fajar
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120930/2e68f43b/attachment.html>
More information about the Freeradius-Users
mailing list