Hi all, This is probably a bit newbie-ish, but I thought I'd try anyway. We are trying to authenticate users based on the username/password given AND the vlan they are authenticating from. Is this possible?
A quick overview of our scenario is as follows: - Wireless service offering an SSID/VLAN for students and SSID/VLAN for staff. - Users connect to an SSID and are in the vlan associated for it. They are redirected to a portal where they must authenticate using radius - to -ldap authentication. We have this working. However, the question came up..what if a student connects to the Staff SSID/VLAN. His username/password would still authenticate correctly and he'd be given access at this point. But if we could get Radius to check and LDAP field which say which vlan he has access to, and allow or deny access to the network if the user is not currently in that vlan, then I guess that would be the ideal solution. Any suggestions are welcome. Thanks Matt [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html