Pushing a policy for usergroup and calling station id from Free Radius Server

Fajar A. Nugraha list at fajar.net
Sun Sep 30 16:06:18 CEST 2012

On Sun, Sep 30, 2012 at 7:51 PM, Subhani sk m <subhani19.cool at gmail.com> wrote:
> Thanks Fajar.
>          In previous mail, "Push Policy" means Radius Attribute only. I am
> using EAP-TLS and When a client  sends a radius request with username
> "user1" to radius server. In access accept I am able to see attributes
> configured in users file being returned.
> In /etc/raddb/users file
> user1   Cleartext-Password := "user1"
>               Tunnel-Type := 13,
>               Tunnel-Medium-Type := 6,
>               Tunnel-Private-Group-Id := "guest",
>         LVL7-Wireless-Client-Policy-Dn := "policy1",
> Similarly for a usergroup say "usergroup1"   I should send radius
> attributes.. Also with client Mac which can be seen in radius request as
> calling station id.
> Can we do it from modifying config files instead of modifying sql database?

Should be possible. Though I have never tried using group from users
file, so you'd probably need to try it out yourself, or wait and see
if others have better example/advice.


More information about the Freeradius-Users mailing list