assigning vlan based on LDAP attribute

Matt Ashfield mda at
Fri Jul 28 20:41:13 CEST 2006

Hi All,

I'm trying to add a user to a vlan based on an ldap attribute. I've checked
out: annd saw the following
would have to be added to the user's ldap record:
radiusTunnelMediumType: IEEE-802
radiusTunnelType: VLAN
radiusTunnelPrivateGroupId: 2

If I don't want to actually insert that into the LDAP database, is it
possible for Radius to figure out which vlan to assign to based on some
other already existing LDAP attribute? For example, if I want to assign
users whose userDepartment attribute equals ITS into vlan 3 and those who's
userDepartment attribute equals HR into vlan 4?  If so, could you give me a
link to how to do that, or explain briefly?

Thanks for your time,

mda at

More information about the Freeradius-Users mailing list