wpa2 enterprise separate users

howtocisco howtocisco at howtocisco.pl
Mon Jan 26 12:43:07 CET 2015

I have a running FreeRADIUS server, version 2.1.12.
Here's how things are working:
1. The FreeRADIUS server is up and running; I have configured it to work with WPA2 Enterprise EAP-TLS.
2. SOHO routers are configured to connect to the FreeRADIUS server.
3. In clients.conf I have defined multiple client directives ("Router1" and "Router2"), each with its own public IP and a different secret password (these are simple SOHO routers).
4. In the users file I defined a couple of users (let them be user "A" and user "B"), each having their own certificate for authentication.
5. User "A" is supposed to connect to Router1, and user "B" is supposed to connect to Router2.
6. User "A" can connect to Router1 via Wi-Fi, but also CAN connect to Router2, and the other way around: user "B" can connect to Router1 and Router2 (this makes sense to me according to how FreeRADIUS works).
7. What I want to achieve is to separate those users in such a way that they can only connect to the defined router (1 or 2, not both at the same time).

Is there a way of doing it?
Any help would be appreciated.
