FreeRadius and MacOSX 10.6

Fajar A. Nugraha fajar at fajar.net
Wed Feb 24 10:06:38 CET 2010


On Wed, Feb 24, 2010 at 3:55 PM, Fabien COMBERNOUS
<fcombernous at kezia.com> wrote:
> It is not for ppp. I'm already using dhcp.
>
> In a first step, i would like to dynamically assign  a vlan to the port of
> my switch in function of the mac address where the device is plugged. I
> would like to add a device in the opendirectory, and specifying its mac
> address and the vlan this mac address have to use. Then when a device is
> plugged on a port of my switch, it asks to freeradius if this device is
> allowed. Then the radius ask to opendirectory, the directory answer by no or
> yes. If yes it also give the vlan number to assign.
>
> Now my switch is able to talk with my freeradius server.

Sounds like 802.1x. See http://vuksan.com/linux/dot1x/802-1x-LDAP.html.
If your switch sends client MAC (possibly in calling-station-id
attribute) then you should be able to create rules based on that.

You'll need to setup your clients to use 802.1x as well. You can't
expect it to "just work" for any client. By only setting radius and
switch.

-- 
Fajar




More information about the Freeradius-Users mailing list