Using NAS-Identifier with login criteria

Brian Boere brian.boere at netwize.ca
Sat Apr 11 04:20:13 CEST 2015


We are in the process of setting up FreeRadius 2.1.1 on a SLES10 server to authenticate with/against eDirectory on the back end to allow access to our wireless networks.  
We having things working so far that users can get access to one of the wireless networks if they are a member of a specific eDirectory group.  (using the users file and "DEFAULT Ldap-Group..." 
We are basically going to have 2 different wireless networks (wifi1 ad wifi2).  When using the radius for authenticating, the different wireless networks use their SSID as the NAS-Identifier.  (we are able to see this when running "radiusd -X".
Ultimately we want to allow all users who have an edirectory account to be able to use wifi1, but only members of a specific edirectory group can have access to wifi2 (NAS-Identifier = wifi2)
How do we go about accomplishing this?
Thanks in advance for any suggestions.
Brian




More information about the Freeradius-Users mailing list