Is this hack possible?

Thibault Le Meur Thibault.LeMeur at supelec.fr
Fri Nov 17 13:04:06 CET 2006


> into an "Access Accept" reply? Why on earth would I want 
> this? Well, I 
> would like to i.e. give a guest-net Vlan back to users that actually 
> fail authentication, so that when they try to access the web 
> they will 
> instead get connected to a redirected guest-information webpage.

I haven't tested this, but maybe it could be possible with the following
setup:

* At the end of your 'users' file, define a DEFAULT rule that enforces
Auth-Type = Always-Ok
 - Check that this rule is only used for WiFi accesses
 - Enforce a Radius profile that apply the correct VLAN settings

* Then in your radiusd.conf define the Auth-Type Always-Ok section as to
reply always ok (it might be possible by having a look at the setups
described in configurable-failover doc)

There might be easier way to do so though, I let FR gurus comment.

Thibault





More information about the Freeradius-Users mailing list