Hi Everyone,
I thought I'd run this by the group before I opened a support ticket. I am
migrating from M$ NPS to Linux/FreeRADIUS integrated with AD. I have it all
working and can authenticate just fine except I can't seem to limit users to a
VNS by using Filter-ID. So, I'm authenticating with winbind and authorizing
with ldap. I even have the LDAP group lookup working great and having
FreeRADIUS return a Filter-ID based on the group membership but the HiPath
doesn't seem to be reading this. It works with NPS but not FR.
Excerpt from users:
DEFAULT Ldap-Group == "DEPT_IS"
        Filter-Id = "TechAuthPolicy",
        Fall-Through = 0
Excerpt from freeradius -X:
Sending Access-Accept of id 89 to 10.0.0.1 port 33716
        Filter-Id = "TechAuthPolicy"
TechAuthPolicy is the name of the policy in the HiPath controller. I can change
the configuration line in the users file for the policy name to something
completely invalid and it still lets me connect to this VNS. Again, this works
fine with NPS but not with FR.
Has anyone seen this? What other information can I provide?
Thank you!
Stephen
P.S. The reason we're moving to FR is so we can use public, not self-signed,
keys for easier wireless configuration for 3000 students.