Thanks, may I ask you to send me the config you use in freeradius? That would be great!
/Götz Am 05.04.11 16:42, schrieb schilling: > We are using wlan - freeradius - ldap too. > In the freeradius, you check ldap whether username is in student or > nonstudent group, then you need to send back either > IETF 64 65 81 or some vendor specific attributes > > On the WLAN controller, you then either use the IETF 64 65 81 or > vendor specific attributes to drop the user session in the VLAN. > > Schilling > > > > On Tue, Apr 5, 2011 at 9:07 AM, Götz Reinicke - IT-Koordinator > <goetz.reini...@filmakademie.de> wrote: >> Hi, >> >> may be someone can point me into the right direction: >> >> we do have a new wlan - freeradius - ldap setup and want to assign two >> main usergroups to two main wlans. >> >> Each wlan has an own vlan. >> >> We use cisco switches and APs and got a wlan controller. >> >> So far we do have different SSIDs and all users can access both WLANs >> with their username/password stored in our ldap. >> >> Now we'd like students only to be able to access the students WLAN and >> employees to access there WLAN. >> >> My question: Where is the point to start to configure such a setup? >> >> I think, somewhere there must be some sort of check if the user >> assceesing the e.g. student wlan is in the primary posixgroup student. >> >> Or do I have to 'send' the VLAN ID to the network devices? >> >> >> Thanks for any hint and best regards >> >> Götz Reinicke >> -- -- Götz Reinicke IT-Koordinator Tel. +49 7141 969 420 Fax +49 7141 969 55 420 E-Mail goetz.reini...@filmakademie.de Filmakademie Baden-Württemberg GmbH Akademiehof 10 71638 Ludwigsburg www.filmakademie.de Eintragung Amtsgericht Stuttgart HRB 205016 Vorsitzende des Aufsichtsrats: Prof. Dr. Claudia Hübner Geschäftsführer: Prof. Thomas Schadt
smime.p7s
Description: S/MIME Cryptographic Signature
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html