freeradius and vlan assignment

[omega bk]

i could'nt imagine that would be so simple.
i'll try that next time [?]


thank u


2010/3/18 Bob Brandt <bob at brandt.ie>

> In the users file do this:
>
> DEFAULT Ldap-Group == "cn=InsideGroup,o=Base"
>         Reply-Message = "Your a member of the Inside Group",
>         Tunnel-Medium-Type = IEEE-802,
>         Tunnel-Type = VLAN,
>         Tunnel-Private-Group-ID = 11,
>         Fall-Through = No
>
> DEFAULT Auth-Type == "LDAP"
>         Reply-Message = "You did not match a LDAP Group",
>         Tunnel-Medium-Type = IEEE-802,
>         Tunnel-Type = VLAN,
>         Tunnel-Private-Group-ID = 99
>
> All members of the InsideGroup will get the first group of attributes and
> the FreeRadius will stop looking.
> Everyone else who authenticated through LDAP will get the second group of
> attributes.
>
> Bob
>
> On Thu, Mar 18, 2010 at 8:59 AM, omega bk <omegabk at gmail.com> wrote:
>
>> hi,
>>
>> assume that the switch does not support the "auth-fail" and has 2 vlan (
>> vlan inside and vlan outside ), is it possible in the users file to put a
>> condition like:
>>
>> if (user belong to Ldap-group=inside)
>>     assign to vlan = inside
>> else
>>     assign to vlan = outside
>>
>> is that possible ?
>>
>>
>> thanks
>>
>>
>>
>>
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>
>
>
> --
> The problem with socialism is that you eventually run out of other people's
> money.  -  Margaret Thatcher
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100318/2b389e82/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 330.gif
Type: image/gif
Size: 96 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100318/2b389e82/attachment.gif>