multuple ldap freeradius ssid

seb2020 girard.seb at gmail.com
Wed May 18 09:51:46 CEST 2011


Hi, 

I have test your solution like that : 

# defaults
update reply {
  Tunnel-Type := VLAN
  Tunnel-Medium-Type := IEEE-802
  Tunnel-Private-Group-Id := "unauthorised"

  Termination-Action := RADIUS-Request
  Session-Timeout := 300

  Acct-Interim-Interval := 3600
}

if (request:User-Name =~ /^.{3,4}$/) {
  update reply {
    Tunnel-Private-Group-Id := "staff"
  }
}
elsif (request:User-Name =~ /^.{7,8}$/) {
  update reply {
    Tunnel-Private-Group-Id := "student"
  }
}

if (reply:Tunnel-Private-Group-Id != "unauthorised") {
  update reply {
    # Cisco only support a max of 65535
    Session-Timeout := 64800
  }
} 

But, if I test with this account : "aaaaaaa" (7 letters), I have a reponse
like that : Tunnel-Private-Group-Id:0 = "staff". This is not correct

And I have place this code in this file /site-enabled/default in the section
post-auth. Is that correct ?

Thanks

-----
>From Switzerland
--
View this message in context: http://freeradius.1045715.n5.nabble.com/Multiple-ldap-freeradius-ssid-tp4399529p4405854.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.



More information about the Freeradius-Users mailing list