<div class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-GB style="mso-ansi-language: EN-GB"><FONT size=3><FONT face="Times New Roman">Ok, I don’t be clear.<SPAN style="mso-spacerun: yes"> </SPAN><?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /><o:p></o:p></FONT></FONT></SPAN></div> <div class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-GB style="mso-ansi-language: EN-GB"><o:p><FONT face="Times New Roman" size=3> </FONT></o:p></SPAN></div> <div class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-GB style="mso-ansi-language: EN-GB"><FONT size=3><FONT face="Times New Roman"><SPAN style="mso-spacerun: yes"> </SPAN>The solution that I your given does not use the replyItem Tunnel-Medium-Type, Tunnel-Private-Group-Id, Tunnel-Type.<SPAN style="mso-spacerun: yes"> </SPAN><o:p></o:p></FONT></FONT></SPAN></div> <div class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-GB style="mso-ansi-language:
EN-GB"><o:p><FONT face="Times New Roman" size=3> </FONT></o:p></SPAN></div> <div class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-GB style="mso-ansi-language: EN-GB"><FONT size=3><FONT face="Times New Roman"><SPAN style="mso-spacerun: yes"> </SPAN>My Ldap base contains attributes SSID for each users. Because my NAS sends its vendor-specific containing the SSID where wants to connect the users. And at each request for authentification, the module authorize (radiusd.conf) call Ldap (with the filter) to compare the `uid' and `SSID'. If the SSID sent by the NAS corresponds at the SSID stored in Ldap: freeradius sends ‘accept’, if not it sends a ‘reject’.<SPAN style="mso-spacerun: yes"> </SPAN><o:p></o:p></FONT></FONT></SPAN></div> <div class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-GB style="mso-ansi-language: EN-GB"><o:p><FONT face="Times New Roman" size=3> </FONT></o:p></SPAN></div> <div class=MsoNormal style="MARGIN:
0cm 0cm 0pt"><SPAN lang=EN-GB style="mso-ansi-language: EN-GB"><FONT size=3><FONT face="Times New Roman">But you want that it is the switch Cisco which redirects the user in such or such SSID according to SSID'S corresponding to the attributes Tunnel-Medium-Type, Tunnel-Private-Group-Id, Tunnel-Type.? <o:p></o:p></FONT></FONT></SPAN></div> <div class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-GB style="mso-ansi-language: EN-GB"><o:p><FONT face="Times New Roman" size=3> </FONT></o:p></SPAN></div> <div class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-GB style="mso-ansi-language: EN-GB"><FONT size=3><FONT face="Times New Roman"><SPAN style="mso-spacerun: yes"> </SPAN>I am sorry, <SPAN style="mso-spacerun: yes"> </SPAN>but I had not understood this.<SPAN style="mso-spacerun: yes"> </SPAN><o:p></o:p></FONT></FONT></SPAN></div> <div class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-GB style="mso-ansi-language:
EN-GB"><o:p><FONT face="Times New Roman" size=3> </FONT></o:p></SPAN></div> <div class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-GB style="mso-ansi-language: EN-GB"><FONT size=3><FONT face="Times New Roman">Wat does it solution wish you?<o:p></o:p></FONT></FONT></SPAN></div> <div class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-GB style="mso-ansi-language: EN-GB"><o:p><FONT face="Times New Roman" size=3> </FONT></o:p></SPAN></div> <div class=MsoNormal style="MARGIN: 0cm 0cm 0pt"><SPAN lang=EN-GB style="mso-ansi-language: EN-GB"><FONT size=3><FONT face="Times New Roman">Ludovic Cailleau<o:p></o:p></FONT></FONT></SPAN></div><BR><BR><B><I>Antonio Matera <antonio.matera@create-net.it></I></B> a écrit : <BLOCKQUOTE class=replbq style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #1010ff 2px solid">Hi,<BR>thanks a lot for your answer.<BR>Your solution works fine but I don't understand some things:<BR><BR>1 - If I insert the
Cisco-AVPair in the filter and I haven't this <BR>attribute in my ldap user, I can't authenticate it. Is it possible to <BR>check the ssid only if it is in the list of the ldap user attributes?<BR><BR>2 - With this solution the following row in the ldap.attrmap is not <BR>necessary:<BR><BR>checkItem Cisco-AVPair radiusCiscoAVPair<BR><BR>whitout it the filter authentication works.<BR>It is not possible to use the ldap.attrmap file to inser a check item?<BR><BR>In this file I have inserted 3 replyItem:<BR><BR>replyItem Tunnel-Medium-Type radiusTunnelMediumType<BR>replyItem Tunnel-Private-Group-Id radiusTunnelPrivateGroupId<BR>replyItem Tunnel-Type radiusTunnelType<BR><BR>if I insert these three attribute in my ldap user they work without <BR>other configuration. Why the checkItem doesn't work?<BR><BR>3 - the last question is a little different: if I insert in the user <BR>file this row:<BR><BR>DEFAULT Auth-Type := LDAP<BR><BR>the authentication doesn't work. It is normal or
I have some mistakes in <BR>my configuration?<BR><BR>Thanks a lot<BR>Bye Antonio<BR><BR></BLOCKQUOTE><BR><BR>Ludovic Cailleau<p>
<hr size="1" />
<b>Faites de Yahoo! votre page d'accueil sur le web</b> pour retrouver directement vos services préférés : vérifiez vos nouveaux mails, lancez vos recherches et suivez l'actualité en temps réel. <a href="http://us.rd.yahoo.com/mail/mail_taglines/yahoofr/*http://fr.yahoo.com/set" target=_blank>Cliquez ici</a>.