Hi, I am trying to assign different VLANs based on realms. I use rlm_attr_filter and attrs file to acomplish this.
I have done the following setting in attrs file labtest.de Tunnel-Type:1 := VLAN Tunnel-Medium-Type:1 := IEEE-802 Tunnel-Private-Group-Id:1 := "labtest" it works perfectly and I receive access accept from radius server with following message sent to my NAS rad_check_password: Auth-Type = Accept, accepting the user Sending Access-Accept of id 22 to 129.69.1.50:1812 Tunnel-Type:1 := VLAN Tunnel-Medium-Type:1 := IEEE-802 Tunnel-Private-Group-Id:1 := "labtest" but the NAS which is cisco Catalyst 2970 switch doesn't open the port. Additionally It doesn't understand the Tunnel attributes. But when I try for a local user defined in users file testuser User-Password =="test" Tunnel-Type:1 = VLAN, Tunnel-Medium-Type:1 =IEEE-802, Tunnel-Private-Group-Id:1 = labtest I see this message in radius debug mode Sending Access-Accept of id 29 to 129.69.1.50:1812 Tunnel-Type:1 = VLAN Tunnel-Medium-Type:1 = IEEE-802 Tunnel-Private-Group-Id:1 = "labtest" MS-MPPE-Recv-Key = 0x82d2b417e4803da1402b6b6e09ea33d9a17e7831ab9f4e72168f71e35948c625 MS-MPPE-Send-Key = 0x0f4e0d86d24e2ae90704293d7f1d4e780e5d7fd506339548117e239582d2e91f EAP-Message = 0x03060004 Message-Authenticator = 0x00000000000000000000000000000000 User-Name = "testuser" now the only difference I see when Tunnel attributes are passed to NAS is the operators ":=" for realm and "=" for local user. Can any body suggest that what is wrong with my settings to make attr_filter work fine with post proxy or I have done something wrong in my settings. I will be very thankful. Regards, Raza. __________________________________ Do you Yahoo!? Yahoo! Mail - now with 250MB free storage. Learn more. http://info.mail.yahoo.com/mail_250 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html