Hi Mikal-<br> Thanks for responding. I have it set up just like that...the policy on the controller is named Faculty. I even took LDAP out of it to make sure that the attribute was passing correctly. I have a user defined in the /etc/raddb/users<br clear="all">
<br>
<span style="font-family: courier new,monospace;">ktest Cleartext-Password := "password"</span><br style="font-family: courier new,monospace;"><span style="font-family: courier new,monospace;"> Filter-Id = "Faculty"</span><br>
<br>When I authenticate with this user I get:<br><br>Client session MAC [00:24:D6:A6:CE:CE] on AP [JRG-1FL-AP09] with SSID
[TEST] from VNS [TEST] with username [ktest] has been successfully
authenticated. Policy [Students] is applied.<br><br>I get the same msg for an ldap user that has the Filter-Id set to Faculty as well.<br><br>For comparison, on the controller my vns settings include:<br>VNS Name: TEST<br>
WLAN Service: TESTWLAN<br>Non-Auth policy: NonAuth<br>Auth Policy: Students (support told me this doesnt matter what its set to...the Filter-Id will override this)<br>Restrict policy set unchecked<br>Enable checked<br>
<br>I have another policy named Faculty that is assigned the AuthFaculty topology (which sets the tagged vlan). <br><br>How does this compare to your setup? Do I need the restrict policy set option checked and config'd?<br>
<br>-Rob<br><br><div class="gmail_quote">On Thu, Dec 2, 2010 at 11:38 AM, mikal <span dir="ltr"><<a href="mailto:mpm@atceast.com">mpm@atceast.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>
Rob,<br>
<br>
You need to ensure that the value of Filter-Id maps exactly to the value of<br>
the policy that you're trying to apply. So you need to have a policy<br>
defined on the controller named "Faculty", not "faculty" or "facultY", but<br>
"Faculty".<br>
<br>
For instance, if I have a policy named "NewmanN" and I pass a<br>
Filter-Id="NewmanN" then I get:<br>
<br>
Client session MAC [00:22:6B:9A:2B:77] on AP [IRV-AP3620] with SSID [SMFC]<br>
from VNS [SMFC] with username [test.user11] with mu session timer [52549]<br>
has been successfully authenticated. Policy [NewmanN] is applied.<br>
<br>
The desired policy is applied.<br>
<br>
If I pass a Filter-Id="Newmann" then I get:<br>
<br>
Client session MAC [00:22:6B:9A:2B:77] on AP [IRV-AP3620] with SSID [SMFC]<br>
from VNS [SMFC] with username [test.user11] with mu session timer [52201]<br>
has been successfully authenticated. Policy [SMFC Auth] is applied.<br>
<br>
The default policy for that VNS is applied because there was no policy<br>
matching "Newmann".<br>
<font color="#888888"><br>
<br>
--<br>
View this message in context: <a href="http://freeradius.1045715.n5.nabble.com/Attribute-not-passing-to-NAS-tp3289418p3289720.html" target="_blank">http://freeradius.1045715.n5.nabble.com/Attribute-not-passing-to-NAS-tp3289418p3289720.html</a><br>
Sent from the FreeRadius - User mailing list archive at Nabble.com.<br>
-<br>
List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br>
</font></blockquote></div><br>