vlan ldap radiusd

Phil Mayers p.mayers at imperial.ac.uk
Thu Jul 14 14:29:51 CEST 2011

On 14/07/11 13:09, Serge van Namen wrote:
> Hi,
> I'm working on a proof-of-concept for 802.1x and dynamic vlan's on switches.
> All this works perfectly with user at realm, but now I want to read the vlan ID from a ldap attribute and then send the radius request with that value in "Tunnel-Private-Group-ID".
> Can anyone give me a bump in the right direction?

Read this:


Pay particular attention to "reply items". You can also use "ldap xlat" 
in the inner-tunnel post-auth section e.g.

post-auth {
   update reply {
     Tunnel-Private-Group-Id := "%{ldap:///url}"

More information about the Freeradius-Users mailing list