Help: How to set VLAN by Tunnel-Private-Group-Id for user or group?

Hangjun He elmerhe at yahoo.com.cn
Thu Aug 2 11:11:45 CEST 2007


Hi,
         We use peap + AP + fr + AD to authenticate user. Now It can work. But I
  need to get VLAN from freeradius for different user or group.
        How should I do?? Please give me some advice, Thanks.
   
        I saw below debug info from maillist, from these info I guess freeradius can set VLAN for user or group. 
   
   
  Ready to process requests.
rad_recv: Access-Request packet from host 192.168.1.1:1645, id=38, length=149
 User-Name = "DOMAIN\\testuser"
 Service-Type = Framed-User
 Framed-MTU = 1500
 Called-Station-Id = "00-19-AA-2C-8F-03"
 Calling-Station-Id = "00-08-74-46-2A-A5"
 EAP-Message = 0x0202001601434f5250524f4f545c7467646f72686531
 Message-Authenticator = 0x9bc11b6f6182f53f6428ad12c48d8f10
 NAS-Port = 50001
 NAS-Port-Type = Ethernet
 NAS-IP-Address = 192.168.1.1
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  rlm_eap: EAP packet type response id 2 length 22
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 0
    users: Matched entry DEFAULT at line 1
  modcall[authorize]: module "files" returns ok for request 0
modcall: leaving group authorize (returns updated) for request 0
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 0
  rlm_eap: EAP Identity
  rlm_eap: processing type tls
  rlm_eap_tls: Initiate
  rlm_eap_tls: Start returned 1
  modcall[authenticate]: module "eap" returns handled for request 0
modcall: leaving group authenticate (returns handled) for request 0
Sending Access-Challenge of id 38 to 192.168.1.1 port 1645
 Tunnel-Type:0 = VLAN
 Tunnel-Medium-Type:0 = IEEE-802
 Tunnel-Private-Group-Id:0 = "vlanX"
 EAP-Message = 0x010300061920
 Message-Authenticator = 0x00000000000000000000000000000000
 State = 0x67c75e29c6b4d8d32c662ce2d154d277
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...




       
---------------------------------
 雅虎免费邮箱3.5G容量,20M附件!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070802/2507b7c3/attachment.html>


More information about the Freeradius-Users mailing list