users rights seperations

Ömer Tuğrul omertugrul at
Mon Jun 28 19:36:29 CEST 2010

my freeradius version is 2.1.4

I have network devices that I authenticate the network managers to console
these devices with radius server based on users file.
Now I need to use 802.1x authentication for wireless APs based on ldap

My question is;
How can I seperate network management authentication and internet access
authentication rights? I mean, I don't want that some ldap users to console
my network devices. I just want to allow them to authenticate internet
access and some ldap users may console to devices.

firstly, I heard that i could use clients.conf file with virtual-server
parameter (and sites-enabled/virtual_server_ name...); but then I could only
use the authenticator-device for one method if I got it right. I am confused

I am sorry if i am not clear, please let me know...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Freeradius-Users mailing list