unique authentication per wlan
Paolo Barbato
paolo.barbato at igi.cnr.it
Thu Apr 26 15:00:47 CEST 2012
I've solved the problem intercepting Airespace-Wlan-Id, and creating a reject rule in mysql for auth-type attribute, in radgroupreply…..posts on freeradius list has helped a lot.
In this way users defined in mysql , say guest accounts, are not allows to associate to ad_wifi, while AD users are allowed to access both.
Regards,
Paolo.
On 23/apr/2012, at 08:31, Alan DeKok wrote:
> Paolo Barbato wrote:
>> Is it possible configure freeradius to select a specific authentication
>> mechanism on a wlan basis ?
>
> Yes.
>
>> Considering to have a couple of wlan , say ad_wifi and sql_wifi, I
>> would allow only Active Directory authenticated users to associate to
>> ad_wifi , while only users defined on a mySQL db can connect to sql_wifi.
>
> As always, write the rules based on what's in the packets. DON'T talk
> about concepts. They're too vague.
>
> Read the packets, and write the rules based on that.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
------------------------------------------------------------------------------------------------
Paolo Barbato
Consorzio RFX
corso Stati Uniti,4
35127 Padova - Italy
Network Administrator
phone: +39 049 8295097 fax: +39 049 8700718
------------------------------------------------------------------------------------------------
More information about the Freeradius-Users
mailing list