freeradius filter ldap groups
Alan DeKok
aland at deployingradius.com
Mon Apr 23 14:20:30 CEST 2018
On Apr 23, 2018, at 8:04 AM, Juliano <julianosilva at utfpr.edu.br> wrote:
>
> I'm having trouble setting an authentication rule on freeradius. To better
> contextualize my environment, I would like to explain that I have only one
> freeradius server, one ldap server and two wireless networks (WEB-USERS and
> WEB-ADMIN). It is also important to remember that each wifi network is
> associated with a vlan, it´s 500 and 501 and your sub network 10.20.128.0/21
> and 10.20.8.0/23, respectively
That's standard.
> I need is that users of the users-wifi group only connect to the WEB-USERS
> network and users of the other group, called admin-wifi, can only connect to
> the WEB-ADMIN network.
That's also standard.
> I read that in the [...] / sites-enabled / default / file there is a section
> called post-auth, in which I can do this filter. However I don´t haved
> succeed with this filters. I would like your help in this situation.
Q: "I tried stuff and it didn't work. What did I do wrong?"
A: We have no idea, because you didn't tell us what you did.
Ask good questions:
http://wiki.freeradius.org/list-help
Then, type "ldap" into the search box on the wiki. Click on the first link you find. Read the documentation on "group".
Much of what you need to do is documented.
Alan DeKok.
More information about the Freeradius-Users
mailing list