Freeradius Restrict User Auth Request Based on VLAN [SOLVED]

Thu Jan 18 05:31:18 CET 2018

yes you are right i want to move the 'ugly' looking sql statement in module file which is not yet created, i want to make one.

but thank you, policy.conf have similar stuff.


From: Freeradius-Users < at> on behalf of Nathan Ward <lists+freeradius at>
Sent: Thursday, January 18, 2018 9:06 AM
To: FreeRadius users mailing list
Subject: Re: Freeradius Restrict User Auth Request Based on VLAN


> On 18/01/2018, at 4:54 PM, JAHANZAIB SYED <aacable at> wrote:
> - For some reasons we are still on 2.x series version. Will add unlag query once upgrade to 3.x.

The recommendation exists since 2.0.

#  As of 2.0, much of the functionality of this module is in "unlang".
#  You should probably investigate using that before trying to use
#  the "checkval" module.

> - by module I mean to say that for vlan checking I have added sql query in the authorize section. I wanted to make a module like 'checkvlan_module' in ./modules folder & then call it from sites-enabled/default file, & based on the result returned by the 'checkvlan_module' i can take action.
> One Example:
> #totalbytecounter{
> #reject = 1
> #}
> #if(reject){
> #ok
> #update reply {
> #Reply-Message := "Quota Limit Exceed!"
> #}

I think I see what you mean - you want to put the ugly looking sql and logic in another file?
You want to put that in policy.conf. There are many examples in there of how to do this.

I’m not sure what your `checkvlan_module’ file has in it, so I can’t really comment further as to whether it will do the same sort of thing. This is your file, that you have created, I can’t guess what is in it.

Nathan Ward

List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list