WiFI EAP-PEAP with VLAN

Paul TAVERNIER paul.tavernier at ac-rouen.fr
Tue Nov 4 16:43:00 CET 2008



Dajka Tamás wrote:
> Hi all,
> 
> Is it possible to include a VLAN tag in the reply, so that client is assigned to the appropirate VLAN based on it's auth group ( so,  if USER_A is member of GROUP_A, than it's assigned to VLAN_A)

it seems to be "vendor specific"...For Cisco
Tunnel-Type (064): VLAN
Tunnel-Medium-Type (065): 802
Tunnel-Private-Group-ID (081): { nom du VLAN }

> 
> Is this possible? Or should be done elsewhere, than the radius?

You can map a private attrib (LDAP vlan entry for ex) to one of these 
"vendor specific" in your reply.

Rgds
Paul
> 
> Thanks,
> 
>             Tamas
> 
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> 

-- 
============================
Paul TAVERNIER
Equipe Reseaux-Securite
Division Informatique
Rectorat de ROUEN
Tel: 02.32.08.94.18
Fax: 02.32.08.94.12
Mob: 06.25.45.84.10
"Je suis accablé de tant de riens,
si surchargé de billevesées" (Voltaire)
============================		







More information about the Freeradius-Users mailing list