Rules in policy.conf

Martin Silvero silvero.martin at
Wed Jan 28 13:44:47 CET 2009

for example in the policy file type:

 permit_only_eap {
                if (Calling-Station-Id==001f.3c22.674a) {

                  here, depending on the mac, is due to the user a  VLAN

this would be after the auntenticacion for PEAP-MSCHAPv2 with username
and password.

the idea is to authenticate users with LDAP, but once authenticated
check your Calling-Station-Id, and depends on the mac is due to a
specified VLAN

More information about the Freeradius-Users mailing list