User login restrictions based on SSID

Sylvain Munaut s.munaut at
Tue May 24 16:30:21 CEST 2016


> I'm trying to set login restrictions based on SSID. For example users in Sales Group should only connect a particular SSID, etc.. and Support Team should be able to login to any SSID. We have Aruba Controller, which provide SSID in Aruba-Essid-Name attribute in Access-Request and using daloradius for user management.
> First i've tried the following to get this working without adding any sql code;
>  "Aruba-Essid-Name := ssid_name" in User Group Check attributes - didn't work
>  "Aruba-Essid-Name := ssid_name" in User Check attributes - didn't work

First off, check :

The :=  is an "assignement" sort of thing, as a check item it always
returns true.

If you use "==" in the "User Check attributes ", I think it'll do what
you want (could depends on a lot of other stuff in your config).
Because the user check won't match and so the "Clear-Text-Password"
assignment won't be done and without password set, the MSCHAPv2 will



More information about the Freeradius-Users mailing list