Best way to cope with multiple SSIDs and MAC auth
Franks Andy (RLZ) IT Systems Engineer
Andy.Franks at sath.nhs.uk
Tue Aug 21 22:45:20 CEST 2012
Hi again,
Thanks for everyone's input on the last question I asked today.
I have another : we are running cisco 1100/1200 series Aps with multiple
SSIDs. Depending on ldap groups users are assigned a VLAN which
corresponds to the internal or DMZ based network. The issue is that if a
user is in both groups, I either have to assign a "most important" one
or do something else. With some devices I'd like the opportunity to join
either vlan.
Because I am not aware that the cisco IOS can send an "SSID" attribute
to the radius server (if someone knows how to do this PLEASE tell me!),
I need to either send the authentication request to another radius
server and proxy from there so that all the traffic appears from one ip
address, or choose a different port and create a separate virtual server
that listens on that port and contains perhaps a different files
section, perhaps users_ssid or something that has separate rules.
Anybody got any bright ideas or opinions which would be best?
Thanks
Andy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120821/eac97796/attachment.html>
More information about the Freeradius-Users
mailing list