Freeradius + Ldap - Authorise OK but NO dynamic VLANs
Matthew Pulis
mpulis at gmail.com
Thu Aug 18 11:44:25 CEST 2016
Is this to what you are referring Alan please?
DEFAULT Ldap-Group == "cn=SeminaryAdmin,ou=SeminaryOU,dc=seminary,dc=local"
Tunnel-Type = VLAN,
Tunnel-Medium-Type = IEEE-802,
Tunnel-Private-Group-Id = "12"
#Reply-Message = "You are Accepted"
and this: in: /sites-enabled/default:
But there is a bug in update-reply .. not sure why:
Thu Aug 18 11:41:05 2016 : Error:
/etc/freeradius/sites-enabled/default[465]: Failed to find "update-reply"
in the "modules" section.
Thu Aug 18 11:41:05 2016 : Error:
/etc/freeradius/sites-enabled/default[465]: Failed to parse "update-reply"
subsection.
Thu Aug 18 11:41:05 2016 : Error:
/etc/freeradius/sites-enabled/default[461]: Errors parsing post-auth
section.
post-auth {
if (Ldap-Group == "Management") {
update-reply {
Tunnel-Type = VLAN,
Tunnel-Medium-Type = 802,
Tunnel-Private-Group-ID = 1
}
}
elsif (Ldap-Group == "Formators") {
update-reply {
Tunnel-Type = VLAN,
Tunnel-Medium-Type = 802,
Tunnel-Private-Group-ID = 10
}
}
elsif (Ldap-Group == "Seminarians") {
update-reply {
Tunnel-Type = VLAN,
Tunnel-Medium-Type = 802,
Tunnel-Private-Group-ID = 11
}
}
elsif (Ldap-Group == "SeminaryAdmin") {
update-reply {
Tunnel-Type = VLAN,
Tunnel-Medium-Type = 802,
Tunnel-Private-Group-ID = 12
}
}
elsif (Ldap-Group == "Staff") {
update-reply {
Tunnel-Type = VLAN,
Tunnel-Medium-Type = 802,
Tunnel-Private-Group-ID = 13
}
}
elsif (Ldap-Group == "Guests") {
update-reply {
Tunnel-Type = VLAN,
Tunnel-Medium-Type = 802,
Tunnel-Private-Group-ID = 20
}
}
else {
reject
}
More information about the Freeradius-Users
mailing list