Need information on checking for SSID during group verification
Adarsha S
s.adarsha at gmail.com
Thu Sep 3 12:33:18 CEST 2015
Hi ,
I'm using free-radius on my debian linux.
Free radius is contacting external WINDOWS AD server for authentication.
The topology is to authenticate Mobile unites[MU] connecting to wireless
network.
The MU's are authenticated along with group verification.
During group verification I'm able to configure Login-Time also as one of
the check.
Along with this I need to verify the SSID via which MU's are connecting.
Please guide me what changes/add I need to do in config file of Radius.
Below is my user file content:
*/root # more /etc/raddb/users*
*DEFAULT Realm != "NULL"*
*anonymous Auth-Type := EAP*
* Fall-Through = No*
*Anonymous Auth-Type := EAP*
* Fall-Through = No*
*#Access Policy for Guest Users....*
*# primary ldap group policy configuration*
*# Policy for the groups*
*DEFAULT ldap_primary-Ldap-Group == "adarsha_radius_group_1",
Login-Time := "Any0600-2359"*
* Symbol-User-Group = "adarsha_radius_group_1",*
* Symbol-Allowed-ESSID += "adarsha_wlan"*
*DEFAULT ldap_primary-Ldap-Group == "adarsha_radius_group",
Login-Time := "Any0600-2359"*
* Symbol-User-Group = "adarsha_radius_group",*
* Symbol-Allowed-ESSID += "adhi_2"*
*DEFAULT ldap_primary-Ldap-Group == "adarsha_radius_group_2",
Login-Time := "Any0000-2359"*
* Symbol-User-Group = "adarsha_radius_group_2",*
*DEFAULT Auth-Type := Reject*
I need to use Symbol-Allowed-ESSID as one of the parameter for group
verification.
Currently its only group and login time:
*ldap_primary-Ldap-Group == "adarsha_radius_group_1", Login-Time :=
"Any0600-2359"*
Please guide me
Thanks,
Adarsha
More information about the Freeradius-Users
mailing list