MAC auth with LDAP

Victor Cenac victor at
Fri Nov 16 23:13:46 CET 2018

Hello everyone, I promise I red the docs and examples, but either they
refer to older versions of FreeRADIUS or don't match my scenario. Maybe
there are assumptions that I am not aware of.

I have a Juniper network where we assign devices to vlans based on their
MAC. The MACS are stored in an LDAP with the MAC as username and password.
The group membership is what distinguishes the vlan needed.

I managed to configure the ldap and enable the ldap module. FreeRADIUS
starts fine with it. I also added all the switches as clients.

I need help figuring out:
1. Where do I tell FreeRADIUS to look for users in ldap (vs the users file)?
2. Where do I match the group in ldap with the vlan number that needs to be
sent to the client (switch)? For example, for group Staff value is 10 (vlan

Thank you in advance for your help!


More information about the Freeradius-Users mailing list