On 17 Jul 2012, at 12:57, Cotton, Jesse wrote:
> Using FR as a central RADIUS server. One task it performs is dot1x auth. It
> forwards eap requests to one of several home servers which performs the auth
> and returns several attributes including Tunnel-Private-Group-Id. This
> attribute contains multiple values indicating one of several potential vlans
> a client can be put on. I would like perform simple load balancing by
> selecting one of the vlans randomly. I have the following within the
> post-auth section. What am I doing wrong? I have tried several variations. I
> know the syntax is incorrect but google has not been helpful. Thanks in
> advance.
>
>
>
>
>
> if("%{reply:Tunnel-Private-Group-Id[#]}" > 1){
>
> update reply {
>
> Tunnel-Private-Group-Id :=
> %{reply:Tunnel-Private-Group-Id[%{rand:%{reply:Tunnel-Private-Group-Id[#]}}]}
>
> }
>
> }
> Not a solution but some caveats. If you are randomly returning a vlan, you could have clients bouncing around vlans when they reauth. You may also achieve the same result using features in your wireless equipment. For example if you have Cisco wireless you could use Vlan Select (and return the clan select group from the radius server). Scott Armitage
signature.asc
Description: Message signed with OpenPGP using GPGMail
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
