multuple ldap freeradius ssid
Alexander Clouter
alex at digriz.org.uk
Mon May 16 10:11:12 CEST 2011
seb2020 <girard.seb at gmail.com> wrote:
>
> I have a question. I already read how to make this, but I'm not sur if
> it works !
>
> So, what do I want ? I have 2 SSID : students and an other staff. I
> want to have to ldap instance for authenticating my users.
>
You really do *not* want to do this. Have both the staff and students
connect to the same SSID (for example 'eduroam') and use your RADIUS
server to use an LDAP group check (or username style) to find out how to
treat them. For example, place them into a different VLAN.
> In the /module/ldap, I have set ldap students { some stuff } and ldap
> staff { some stuff}. But now, what i need to do ?
>
> My access point is Aruba. I can use this value "Aruba-Essid-Name" for
> choosing which instance i need to use. In the
> /site-avaible/inner-tunel, what i need to do ?
>
> Something like that ?
>
FreeRADIUS is (was?) a bit picky about how the if/else layout is, so you
need:
----
if (Aruba-Essid-Name == "students") {
...students...
}
elsif {
...staff...
}
----
I *strongly* recommend you go with the single SSID and use RADIUS in the
background; getting everyone at a latter date to move to a different
SSID is a real pain.
> Thanks for your reply, and sorry for my english, I'm French ;)
>
We forgive you... ;)
Cheers
--
Alexander Clouter
.sigmonster says: A modem is a baudy house.
More information about the Freeradius-Users
mailing list