Re: Freeradius + 2 x LDAP + VLAN

2013-09-16 Thread Miroslav Lednicky 

Thank you,

it works with simple modification (not too effective):


ldap1
if (ok) {
update reply {
Tunnel-Type = VLAN
Tunnel-Medium-Type = IEEE-802
Tunnel-Private-Group-Id = 1
}
}

ldap2
if (ok) {
update reply {
Tunnel-Type = VLAN
Tunnel-Medium-Type = IEEE-802
Tunnel-Private-Group-Id = 2
}
}


Miroslav

Dne 12.9.2013 19:36, Arran Cudbard-Bell napsal(a):


On 12 Sep 2013, at 18:18, Miroslav Lednicky miroslav.ledni...@fnusa.cz
mailto:miroslav.ledni...@fnusa.cz wrote:


Hello,

I have Freeradius 2.1.10 with 2 LDAP servers (ldap1 + ldap2) and
Ubuntu 12.04


authorize {
ldap1
if (ok) {
update reply {

Tunnel-Type = VLAN,

Tunnel-Medium-Type = IEEE-802

Tunnel-Private-Group-Id = 1

}
}
elsif {
ldap2
if (ok) {
update reply {

Tunnel-Type = VLAN
Tunnel-Medium-Type = IEEE-802
Tunnel-Private-Group-Id = 2
}
}
}
}

Arran Cudbard-Bell a.cudba...@freeradius.org
mailto:a.cudba...@freeradius.org
FreeRADIUS Development Team



-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



--
Mgr. Miroslav Lednický
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Freeradius + 2 x LDAP + VLAN

2013-09-12 Thread Miroslav Lednicky 

Hello,

I have Freeradius 2.1.10 with 2 LDAP servers (ldap1 + ldap2) and Ubuntu 
12.04


I using it for 802.1x users.

I need switch users from ldap1 to VLAN 1 and users from ldap2 to VLAN 2.

I don't know how can i do it.

My configuration:

/etc/freeradius/modules/ldap:

ldap ldap1 {

...

server = 1.1.1.1
basedn = ou=users,dc=test,dc=cz

...

}

ldap  ldap2 {

...

server = 2.2.2.2
basedn = ou=users,dc=test1,dc=cz



}

/etc/freeradius/sites-enabled/inner-tunnel:

authorize {
chap
mschap
unix
suffix
eap {
ok=return
}
files
ldap1
ldap2
expiration
logintime
pap
}

authenticate {
Auth-Type PAP {
pap
}

Auth-Type CHAP {
chap
}

Auth-Type MS-CHAP {
mschap
}

Auth-Type LDAP1 {
ldap1
}

Auth-Type LDAP2 {
ldap2
}
eap
}

It works.

But i need send atributes to switch or Access Point:

Tunnel-Type=VLAN,
Tunnel-Medium-Type=IEEE-802,
Tunnel-Private-Group-Id=1

for users from ldap1

and

Tunnel-Type=VLAN,
Tunnel-Medium-Type=IEEE-802,
Tunnel-Private-Group-Id=2

for users from ldap2

I tried configure it in /etc/freeradius/users, but without success.

Thank You for help

Miroslav
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Freeradius + 2 x LDAP + VLAN

2013-09-12 Thread Arran Cudbard-Bell 

On 12 Sep 2013, at 18:18, Miroslav Lednicky miroslav.ledni...@fnusa.cz wrote:

 Hello,
 
 I have Freeradius 2.1.10 with 2 LDAP servers (ldap1 + ldap2) and Ubuntu 12.04

authorize {
ldap1
if (ok) {
update reply {
Tunnel-Type = VLAN,
Tunnel-Medium-Type = IEEE-802
Tunnel-Private-Group-Id = 1

}
}
elsif {
ldap2
if (ok) {
update reply {
Tunnel-Type = VLAN
Tunnel-Medium-Type = IEEE-802
Tunnel-Private-Group-Id = 2 
}
}
} 
}

Arran Cudbard-Bell a.cudba...@freeradius.org
FreeRADIUS Development Team

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html