7 Feb
2006
7 Feb
'06
1:17 p.m.
Alan DeKok napisaĆ(a):
Tomasz Wolniewicz <Tomasz.Wolniewicz@uni.torun.pl> wrote:
Our university radius server sets VLAN information based on user attributes form the LDAP directory. This works fine when the system is used internally. However when our user authenticates while visiting another institution, this VLAN information should not be sent out.
rlm_attr_filter should work, I think.
Alan DeKok.
Alan, thanks, but it seems that when freeradius does the internal proxy to service the eap-ttls then the pre-proxy and post-proxy are not being entered, and this is where we would expect to put attr_filter. We tried the post_auth but it refuses to take attr_filter. Tomasz