Do you use this scenario? Does Mikrotik really restrict each user to the given VLAN?
Thanks Jan Schermer Linux Administrator ET NETERA | smart e-business solutions [EMAIL PROTECTED] +420 608022225 ~ [ www.ahold.cz | www.annonce.cz | www.datart.cz ] [ www.knizniweb.cz | www.siemens.cz | www.cz.o2.com ] Created by ET NETERA | Powered by jNetPublish [EMAIL PROTECTED] wrote:
/interface vlan > crete VLAN names, IDs and bind to phisical interface /ip address > assign IP subnets to VLAN interfaces (names) VLANS can only enhance security. Ivan Kalik Kalik Informatika ISP Dana 30/5/2007, "Jan Schermer / ET NETERA" <[EMAIL PROTECTED]> piše:Hi, I want to tag VLANs on the wireless AP (Mikrotik OS) according to radius criteria (type of autentization, DN in certificate etc.). Does someone here have experience with that? It seems easy enough to do on the freeradius side, but how is this supposed to work on the wireless AP side? (I know, this is not a Mikrotik mailing list, sorry in advance :). Does the AP really have to be smart enough to tag packets per-client? Should it work out of the box? Is it secure to mix clients from different security domains? Any experience appreciated, thanks -- Jan Schermer Linux Administrator ET NETERA | smart e-business solutions [EMAIL PROTECTED] +420 608022225 ~ [ www.ahold.cz | www.annonce.cz | www.datart.cz ] [ www.knizniweb.cz | www.siemens.cz | www.cz.o2.com ] Created by ET NETERA | Powered by jNetPublish- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
begin:vcard fn:Jan Schermer / ET NETERA n:Schermer;Jan org:Et netera a.s.;Deployment and Operations adr:;;Milady Horakove 108;Praha 6;;16000;Czech Republic email;internet:[EMAIL PROTECTED] title:Linux Administrator tel;work:+420 233326810 tel;cell:+420 608022225 x-mozilla-html:FALSE url:http://www.etnetera.cz version:2.1 end:vcard
smime.p7s
Description: S/MIME Cryptographic Signature
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html