Self Service Kiosk / Workflow to trust untrusted devices to add them to personal VLAN dynamically

Stefan Mueller stefan.mueller.83 at
Sat Jan 1 15:52:01 CET 2022

Hello FreeRADIUS user,
I hope that someone out there is able to give me some piece of advice to my
unusual idea.

There are two WiFis in our multi-apartment building:

   1. WPA2  EAP Auth - for trusted user (such as residents) using
   FreeRADIUS for authentication and dynamic VLAN assignment
   2. WPA2 PSK (for guests, IoT without EAP support etc.)

Currently, the admin has to assign printer, TV-Boxes etc. manually to the
respective VLAN of a resident. The standard use case to make this necessary
is to allow the respective resident to control the device by smartphone.

Is it somehow possible to allow each resident to open an GUI and select
untrusted devices (devices connected to the WPA2 PSK) and just click on a
button to make them trusted, so their VLAN assignment will be change, means
FreeRADIUS changes the following
Mikrotik-Wireless-VLANID := 10,
Mikrotik-Wireless-VLANID-Type := 0,
due to this *workflow *triggered by an trusted user via the GUI?

Thank you and a restful start into 2022


More information about the Freeradius-Users mailing list