Hello, Quite new to radius, so this might be a stupid question. Although I have been searching google for the last 2 hours trying to find the answer without any luck...
So, we are testing ciscos new Airespace wlan controller and would like to map users based on "OrganizationalUnit" (or something else) in the certificate to a specific VLAN. Cisco calls this feature of changing default values with radius "AAA override". There are a few more things you can change (QoS profile etc), but we are only interested in the VLAN for now. I have managed to get it working for all EAP authentications but that does not at all serve my needs more than that I see that my wlan controller interprets the radius message correctly. DEFAULT Auth-Type := EAP Tunnel-Type = 13, Tunnel-Medium-Type = 6, Tunnel-Private-Group-Id = 2 So how can I get selective and change the Group-Id based on stuff in the certificate? /Carl W. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html