authenticating question

A.L.M.Buxey at A.L.M.Buxey at
Thu Oct 26 22:39:24 CEST 2006


> authenticate correctly and he'd be given access at this point. But if we
> could get Radius to check and LDAP field which say which vlan he has access
> to, and allow or deny access to the network if the user is not currently in
> that vlan, then I guess that would be the ideal solution.

thats exactly one way to do it - use the LDAP checking for group attribute.
other ways depend on how your directory is configured, do you have other
attributes, are the userid's obvious etc? rlm_perl can then be used, for example
to query and set the VLAN attribute correctly (if the WLAN kit supports such


More information about the Freeradius-Users mailing list