Self Service Kiosk / Workflow to trust untrusted devices to add them to personal VLAN dynamically
Matthew Newton
mcn at freeradius.org
Tue Jan 4 13:35:08 CET 2022
On 01/01/2022 15:59, Stefan Mueller wrote:
> Thx for replying that quickly 😀, so you say it is technically feasible?
As I said, it may be. Depends on whether the AP can do VLAN allocation
together with WAP2-PSK. It normally only works with WPA2-Enterprise.
> I do ask as you highlight
> *There's may not be much more you can do as*
> *most things won't support different VLANs on WPA2-PSK.*
It's expected that VLAN allocation will work with WPA2-Enterprise when a
RADIUS server is involved.
RADIUS isn't normally part of the WPA2-PSK authentication process, so
VLAN allocation isn't either. It depends on what the AP does. It's
technically possible (if you are happy to base "authentication" on the
device MAC address only), but definitely not "normal".
> GUI could be done using home automation system what can speak to FreeRADIUS
> using its APIs if all can be done through APIs?
FreeRADIUS doesn't have APIs - you write data into databases using some
external method. FreeRADIUS reads data from databases and uses that to
make the policy decisions.
--
Matthew
More information about the Freeradius-Users
mailing list