Diffrent authentication based by SSID
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Mon Aug 5 21:52:57 CEST 2013
Hi,
> In that situation i need to have active, both sql and ldap, authorization
> modules in inner-tunnel. So users, who should identify by login/pass in
> guest SSID, can be authenticate via inner-tunnel ldap module. I don't want
> this.
use whatever you want to use. what do you use now? all you need to do is distinguish between
the two types of requests. and handle them how you want. will the guest SSID be 802.1X
if so, inner-tunnel is available by default (as thats used for EAP) - if not, then you wont
configure anything in there.
each SSID will be presented to your RADIUS server with particular attributes...you will
be able to use those to decide what to do.... eg
if (%{whatever-attribute} =~ /sometext/ ) {
ldap
}
else {
sql
}
that sort of thing. and to be honest. you WILL need some decent data source for advancing your
RADIUS into something scalable and usable...ie SQL or LDAP - sticking with a flat users file
will end up with tears in most systems.
alan
More information about the Freeradius-Users
mailing list