Hi!
I'm implementing 802.1x EAP-TLS and EAP-PEAP with postgresql. All works fine, but I need to generate three groups of users: red, yellow and green... the green group is for guests (no have any certificate) who only have permission to web browsing in intranet servers, the yellow group can browse in internet and intranet, but, with bandwidth limit and time restriction, and the red group members have full internet and intranet access.
I'm searching for alternatives for this kind of implementation, and VLAN is the most acurate for this, but this is not supported by my AP :( (cheap AP, Dlink 2000AP+).
One alternative is to capture the MAC address when the user is logged in and then recompute the firewall rules for the kind of usergroup, yea... ok, this has a lot of weekness, but is the best effort with this model of APs.
Any ideas?, throw to garbage the actual APs, is not an alternative... :D
CArlos.-
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
