Authentications types by usernames

Arran Cudbard-Bell a.cudbardb at freeradius.org
Thu Sep 29 16:16:43 CEST 2011


On 29 Sep 2011, at 15:56, andreapepa wrote:

> http://freeradius.1045715.n5.nabble.com/file/n4853189/connection5g.log
> connection5g.log 
> http://freeradius.1045715.n5.nabble.com/file/n4853189/connection24.log
> connection24.log 
> 
> These are the logs,  i cant see anty connect-info attribute....have to add
> as a reply atttribute or in the nas config?

The 2.4ghz log is incomplete. Only shows the Accounting-Request which will contain different attributes.

The 5.0ghz one did however include this... which means the RADIUS server can determine the SSID the user connected on
	Called-Station-Id = "00-80-48-60-66-D9:WiNET-TR5G506106"

if(Called-Station-Id =~ /:([^:]*)^/){
	switch "%{1}" {
		case 'my-2.4ghz-ssid' {
			if(User-Name != '2.4ghzuser'){
				reject
			}
		}
		case 'my-5.0ghz-ssid' {
			if(User-Name != '5.0ghzuser'){
				reject
			}
		}
	}
}

If your NAS is not sending Connect-Info by default, you may be able to configure it to send it, but its unlikely. Your best course of action is to map different SSIDs to different radios.

If you wanted to use the same SSID, you will need to build a database of 'Called-Station-ID' values, it is likely they will be different for clients connecting to the 2.4ghz radio and the 5.0ghz radio.

-Arran

Arran Cudbard-Bell
a.cudbardb at freeradius.org

Betelwiki, Betelwiki, Betelwiki.... http://wiki.freeradius.org/ !





More information about the Freeradius-Users mailing list