Using user groups to simply my config
Jason Womack
jason at womack-mail.net
Fri Apr 15 16:41:38 UTC 2022
> See mods-available/etc_group
I reviewed this module and it just don't think it was what I was trying
to do since I wasn't trying to use my system group file.
Here is what I have working if someone could provide a general sanity
check.
dictionary
ATTRIBUTE VLAN-Group-Name 3000 string
authorize file #I created a bunch of just test users for using radtest
AA-BB-CC-DD-EE-FF Cleartext-Password := "AA-BB-CC-DD-EE-FF",
VLAN-Group-Name := "kids"
A1-BB-CC-DD-EE-FF Cleartext-Password := "A1-BB-CC-DD-EE-FF",
VLAN-Group-Name := "general"
A2-BB-CC-DD-EE-FF Cleartext-Password := "A2-BB-CC-DD-EE-FF",
VLAN-Group-Name := "iot"
in site configuration under post-auth
switch "%{control:VLAN-Group-Name}" {
case "iot" {
update reply {
Tunnel-Type = 13,
Tunnel-Medium-Type = 6,
Tunnel-Private-Group-Id = XXX
}
}
case "kids" {
update reply {
Tunnel-Type = 13,
Tunnel-Medium-Type = 6,
Tunnel-Private-Group-Id = XXX
}
}
case "general" {
update reply {
Tunnel-Type = 13,
Tunnel-Medium-Type = 6,
Tunnel-Private-Group-Id = XXX
}
}
}
This seems to accomplish the configuration I want to achieve using the
config files. Any issues with this approach?
More information about the Freeradius-Users
mailing list