Le 21/05/2012 10:47, Alan DeKok a écrit :
Emmanuel BILLOT wrote:
Hi,
Thanks for your answers.
So you mean that NAS (indeed access point for us) have to understand
attributes. Any RFC that NAS doc may refer to ?
If there isn't any doc or attribut, do you know any way to managed users
connexions when using EAP protocol ?
Regards,
Our WIFI access is managed by EAP-TTLS/EAP-PEAP with radius
authentication based on LDAP. So users can connect and use Internet,
however is possible to limit access (bandwith, connecting time) with
Freeradius ?
FreeRADIUS isn't a router. See your NAS documentation for which
attributes it needs to do access limitation. Many NASes CANNOT do such
limitation.
In other words, it seems (maybe i'm wrong) that Freeradius can send
attribut with values when answering with Access Accept packet. I guess
that clients have to understand it for being effective right ?
Yes.
So when using access point with EAP protocol, i guess native EAP client
have to be compatibe with an attribut list ?
No. The EAP client is the end user PC. Only the NAS needs to
understand RADIUS attributes.
This behaviour seems to be implemented in captive portal, and attributes
can be managed in portal configuration. Is it possible with EAP access
(native client or secure w2 like ?)
No. Captive portals are not compatible with EAP.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
Emmanuel BILLOT
CATEL - Dpt. Système et Réseaux
Rectorat - Académie d'Orléans-Tours
10, rue Molière - 45000 Orléans
Tél : 02 38 79 45 57
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
