Radius+Ldap:Allow the same host in multiple vlans
Alan DeKok
aland at deployingradius.com
Fri Oct 1 15:58:01 CEST 2010
Ramon Escriba wrote:
> Hi Alan,
> Then does it possible to do a general match rule in huntgroups to lets say
> "the 35 first ports belong to a vlan A" and the rest "36 to 48" to vlan B,or
> not?
What did my message say?
> business NAS-IP-Address == 192.168.2.5, NAS-Port-Id == 1-35
> IT NAS-IP-Address == 192.168.2.5, NAS-Port-Id == 36-48
>
> Do I have to manually insert one by one? I've +2000 ports active, I hope do
> not have to.... ;-)
There are other ways.
> I did a little change in huntgroups to check that:
>
> XXX NAS-IP-Address == aaa.bbb.ccc.ddd, NAS-Port == 33-50
>
> But without success.
>
> /etc/raddb/huntgroups[77]: Parse error (check) for entry XXX: Unknown value
> 33-50 for attribute NAS-Port
Well... I guess that doesn't work any more. Oh well.
Instead, you can check:
XXX NAS-IP-Address == aaa.bbb.ccc.ddd, NAS-Port >= 33, NAS-Port <= 50.
Alan DeKok.
More information about the Freeradius-Users
mailing list