Dynamic VLAN-id setting on wireless AP

tnt at kalik.co.yu tnt at kalik.co.yu
Wed May 30 14:46:13 CEST 2007


Restricts as much as the static VLAN can.

No, our wireless clients have to use VPN(PPTP) if they want Internet mail
etc. Local traffic (game servers etc.) is left wild with only bandwidth
restrictions.

Ivan Kalik
Kalik Informatika ISP


Dana 30/5/2007, "Jan Schermer / ET NETERA" <jan.schermer at etnetera.cz>
piše:

>Do you use this scenario? Does Mikrotik really restrict each user to the given VLAN?
>
>Thanks
>
>Jan Schermer
>Linux Administrator
>ET NETERA | smart e-business solutions
>jan.schermer at etnetera.cz
>+420 608022225
>~
>[ www.ahold.cz     |  www.annonce.cz  |  www.datart.cz ]
>[ www.knizniweb.cz |  www.siemens.cz  |  www.cz.o2.com ]
>
>Created by ET NETERA | Powered by jNetPublish
>
>
>tnt at kalik.co.yu wrote:
>> /interface vlan > crete VLAN names, IDs and bind to phisical interface
>> /ip address > assign IP subnets to VLAN interfaces (names)
>> 
>> VLANS can only enhance security.
>> 
>> Ivan Kalik
>> Kalik Informatika ISP
>> 
>> 
>> Dana 30/5/2007, "Jan Schermer / ET NETERA" <jan.schermer at etnetera.cz>
>> piše:
>> 
>>> Hi,
>>> I want to tag VLANs on the wireless AP (Mikrotik OS) according to radius criteria (type of autentization, DN in certificate etc.).
>>> Does someone here have experience with that?
>>> It seems easy enough to do on the freeradius side, but how is this supposed to work on the wireless AP side? (I know, this is not
>>> a Mikrotik mailing list, sorry in advance :). Does the AP really have to be smart enough to tag packets per-client? Should it work
>>> out of the box? Is it secure to mix clients from different security domains?
>>>
>>> Any experience appreciated, thanks
>>>
>>>
>>> --
>>> Jan Schermer
>>> Linux Administrator
>>> ET NETERA | smart e-business solutions
>>> jan.schermer at etnetera.cz
>>> +420 608022225
>>> ~
>>> [ www.ahold.cz     |  www.annonce.cz  |  www.datart.cz ]
>>> [ www.knizniweb.cz |  www.siemens.cz  |  www.cz.o2.com ]
>>>
>>> Created by ET NETERA | Powered by jNetPublish
>>>
>>>
>> 
>> - 
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>




More information about the Freeradius-Users mailing list