Thanks. I really apprecitate your help. Even though I understand what you are saying, I have no idea where to start looking for the SSID. As far as I can tell, the SSID is not in the request and neither in the NAS-Identifier. A typical log entry looks like this: Wed Jan 14 13:03:20 2009 : Auth: Login OK: [the_user/<no User-Password attribute>] (from client Cisco 4402 port 29 cli 00-22-69-0A-46-62) Could you clarify that or give me an example? Thanks Qurt On 14.01.2009, at 14:16, <tnt@kalik.net> <tnt@kalik.net> wrote:
I need to have different WLANs for different Users who are in LDAP groups. The user of group A should be able to use WLAN A but not WLAN B and so on.
How on earth do I configure this?
Where is SSID in the request? Called-Station-Id? NAS-Identifier?
DEFAULT Ldap-Group == whatever, regex check on the attribute which holds SSID
DEFAULT Ldap-Group == another, same for second SSID
etc.
DEFAULT Auth-Type := Reject (force reject on those that don't match)
You can also return group/SSID combination specific attributes there.
Ivan Kalik Kalik Informatika ISP
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html