Difan Zhao wrote:
> So I want to make all rest devices to be authenticated. It will be even
> better if I can assign them to a specific VLAN. I was reading
> ./sites-avaliable/default and I found that "forcibly accept the user
> (Auth-Type := Accept)". Where do I put it? I tried:
>
> post-auth {
> Post-Auth-Type REJECT {
> # attr_filter.access_reject
> Auth-Type := Accept
> }
> }
It's too late to over-ride the reject at that point.
And I doubt that this will prevent the icon from appearing on their
desktop. The icon means that the *PC* believes it wasn't authenticated.
The config above tells the *NAS* to allow them in, but does not
convince the *PC* that it has been authenticated.
There is no substitute for running the authentication protocol correctly.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
