Thanks, that helps a lot. :-)
Cheers, Roy Kartadinata ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Arran Cudbard-Bell Sent: Monday, June 23, 2008 4:15 PM To: FreeRadius users mailing list Subject: Re: Limiting Wifi Access On 23 Jun 2008, at 21:01, Ivan Kalik wrote: Run server in debug mode. Is SSID appearing in some attribute in Access-Request? It's usually in the Called-Station-Id attribute: <radio-mac>:<ssid> # Rewrite calling station id and called station id attributes # into a standard format. # If a 6th seperator is present write the trailing chars into Called-Station-SSID if("%{Called-Station-Id}" =~ /^([0-9a-f]{2})[-:]?([0-9a-f]{2})[-:]?([0-9a-f]{2})[-:]?([0-9a-f]{2,})[-:]?([0-9a-f]{2})[-:]?([0-9a-f]{2})[-:]?([-a-z0-9_.]*)?/i){ update request { Called-Station-Id := "%{1}%{2}%{3}%{4}%{5}%{6}" Called-Station-SSID := "%{7}" } } That generally works in FR 2.0* , though you have to define Called-Station-SSID as a local attribute, see etc/raddb/dictionary for examples. Ivan Kalik Kalik Informatika ISP Dana 23/6/2008, "Roy Kartadinata" <[EMAIL PROTECTED]> piše: Hi guys, We're trying to centralize our corporate wifi authentication using freeradius. So far, I was able to get user to authenticate based on NAS IP (I got access to multiple NAS working as well) and Mac Address. Is it possible to also limit their access per SSID? The reason for this is because one of our locations, our HQ, has 3 SSID and only certain people have access to certain SSID but I'm not sure if this will conflict with already working NAS checking. Our HQ is using Cisco Wireless LAN Controller so all 3 SSID will connect to radius using the same NAS IP. Cheers, Roy Kartadinata - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html