Hi again, Thanks for everyone's input on the last question I asked today. I have another : we are running cisco 1100/1200 series Aps with multiple SSIDs. Depending on ldap groups users are assigned a VLAN which corresponds to the internal or DMZ based network. The issue is that if a user is in both groups, I either have to assign a "most important" one or do something else. With some devices I'd like the opportunity to join either vlan. Because I am not aware that the cisco IOS can send an "SSID" attribute to the radius server (if someone knows how to do this PLEASE tell me!), I need to either send the authentication request to another radius server and proxy from there so that all the traffic appears from one ip address, or choose a different port and create a separate virtual server that listens on that port and contains perhaps a different files section, perhaps users_ssid or something that has separate rules. Anybody got any bright ideas or opinions which would be best? Thanks Andy
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html