Hi,
Thanks for everyone's help. I have it working nicely now, but have one more situation I just started testing.
I want to use the same radius servers to authenticate users on a different wireless network though a captive portal to the same eDirectory servers via LDAP.
In order for the captive portal authentication to work, I had to put LDAP back in the authorize section, which breaks all the work I just did to reduce the calls to the eDirectory servers for my other network that uses 802.1X.
Is there a way around this to have both working at the same time?
when using captive portal, all requests will come from one single NAS or client-IP address - that of the captive portal. simply add in an authenication type and call for that client...eg rough example DEFAULT Client-IP-Address == 1.2.3.4 Autz-Type := CAPTIVE than in the authorize section Autz-Type CAPTIVE { ldap } ...and remove that ldap that you put back into the main section. this info isnt 100% complete - but should get your mind down the right track. alan