Upgrading Free Radius Proxy functionality

Garber, Neal Neal.Garber at iberdrolausa.com
Thu Oct 14 15:42:59 CEST 2010

> SSID based forwarding takes precedence over realm and default forwarding.

> Please give comments or pointers about how to include this functionality to enhance forwarding and to change order.

Use unlang.  We use Cisco APs which pass the SSID in a Cisco-AVPair attribute.  So, perhaps you could use something similar to the following in the authorize section of sites-enabled/default:

        # Adjust below to capture the SSID from the request
        # If you're not sure what attr. has SSID, look at your debug output
        # If it's not in any request attr, consult your NAS documentation on how to make it pass it
        if (Cisco-AVPair =~ /ssid=(.*)/) {
           update request {
                SSID-Name = "%{1}"

        # Adjust SSID and Realm names below
        # Ensure you create the realms in proxy.conf
        if (SSID-Name) {
           if (SSID-Name == "SSID1") {
              update control {
                 Proxy-To-Realm = "Realm1"
           elseif (SSID-Name == "SSID2") {
              update control {
                 Proxy-To-Realm = "Realm2"

Also, you'll need to add SSID-Name to the dictionary file as a local attribute.  Something like the following:

ATTRIBUTE   SSID-Name                   3012    string
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-devel/attachments/20101014/e1326b84/attachment.html>

More information about the Freeradius-Devel mailing list