2011/10/4 Arran Cudbard-Bell <a.cudba...@freeradius.org> > > On 4 Oct 2011, at 13:32, Alejandro Gandara wrote: > > Hi list, > > Im using freeradius 2.1.10 with ldap and I have a doubt. > > Im testing radius with two NAS , first one an openvpn service and the > other one is a switch Procurve. > > My question is the following: > > Can I configure the openvpn nas to read some attribute from the ldap ( as > framedipaddress) and at the same time configure switch procurve to read the > attribute pool-name from the radius? > How can I tell freeradius which attribute read for each nas? > > For example: > > User1 connect trhough openvpn so it will get the ip provided from > framedipaddress attribute. > User 1 disconnect openvpn > User 1 connect with wired connection so it will get the IP provided for > ippool after read poolname attribute from ldap. > > > Sure... > > sites-available/default > > authorize { > if(Client-shortname == 'openvpn'){ > update reply { > Framed-IP-Address := "%{ldap:my ldap query}" > } > } > else { > update reply { > My-Other-Attribute := "%{ldap:my ldap query}" > } > } > } > > I' ve tried this way. But It didnt resolv my problem. if(NAS-Port-Type == 'Virtual'){ update reply { Framed-IP-Address := "%{RadiusFramedIPAddress}" } }
This step goes right, but for exemple Client Mike. It has 2 attributes in LDAP used by Radius. RadiusFramedIPAddress = x.x.x.x PoolName = Admin. If client connect against openvpn it has to take RadiusFramedIPAddress but if it connects through the switch He will take the IP provided for the pool Admin. The problem is the next one: Pool override RadiusFramedIPAddress or viceversa. I need use only one of them never both at same time. Any solutions? Thanks for all and sorry. Im asking too many things. > clients.conf > > client <foo ip> { > shortname = openvpn > } > > > Arran Cudbard-Bell > a.cudba...@freeradius.org > > Betelwiki, Betelwiki, Betelwiki.... http://wiki.freeradius.org/ ! > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html