Limit access of a SSID to a certain LDAP group
qrt
qrt at sunrise.ch
Wed Jan 14 14:23:57 CET 2009
Thanks.
I really apprecitate your help.
Even though I understand what you are saying, I have no idea where to
start looking for the SSID.
As far as I can tell, the SSID is not in the request and neither in
the NAS-Identifier.
A typical log entry looks like this:
Wed Jan 14 13:03:20 2009 : Auth: Login OK: [the_user/<no User-Password
attribute>] (from client Cisco 4402 port 29 cli 00-22-69-0A-46-62)
Could you clarify that or give me an example?
Thanks
Qurt
On 14.01.2009, at 14:16, <tnt at kalik.net> <tnt at kalik.net> wrote:
>> I need to have different WLANs for different Users who are in LDAP
>> groups.
>> The user of group A should be able to use WLAN A but not WLAN B and
>> so
>> on.
>>
>> How on earth do I configure this?
>
> Where is SSID in the request? Called-Station-Id? NAS-Identifier?
>
> DEFAULT Ldap-Group == whatever, regex check on the attribute which
> holds SSID
>
> DEFAULT Ldap-Group == another, same for second SSID
>
> etc.
>
> DEFAULT Auth-Type := Reject (force reject on those that don't match)
>
> You can also return group/SSID combination specific attributes there.
>
> Ivan Kalik
> Kalik Informatika ISP
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090114/e83f127c/attachment.html>
More information about the Freeradius-Users
mailing list