Hello John, something like that in the vlan filters should work:
[ssid] filter = ssid operator = is value = OPENSSID [role] filter = node_info.category operator = match value = SOMEROLE [1:ssid&role] scope = RegisteredRole role = REJECT Regards Fabrice Le 2018-02-06 à 08:46, John Sayce via PacketFence-users a écrit : > I'm looking for a little guidance. I've got two SSIDs, one open and one > secured. They both use mac auth against packetfence. I don't want the > clients that are registered for certain roles to connect to the unsecured > SSID. Can I use a radius filter (or possibly a vlan filter) to match the > SSID and role to reject the clients? Something like > > [ssid] > filter = ssid > operator = is > value = OPENSSID > > [role] > filter = user_role > operator = is > value = SOMEROLE > > [1:ssid&role] > scope = returnRadiusAccessAccept > merge_answer = no > answer1 = RLM_MODULE_REJECT? > > Not really sure how to reject the radius request. > > Thanks > John Sayce > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Fabrice Durand fdur...@inverse.ca :: +1.514.447.4918 (x135) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org) ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
