Re: Freeradius + 2 x LDAP + VLAN
Thank you, it works with simple modification (not too effective): ldap1 if (ok) { update reply { Tunnel-Type = VLAN Tunnel-Medium-Type = IEEE-802 Tunnel-Private-Group-Id = 1 } } ldap2 if (ok) { update reply { Tunnel-Type = VLAN Tunnel-Medium-Type = IEEE-802 Tunnel-Private-Group-Id = 2 } } Miroslav Dne 12.9.2013 19:36, Arran Cudbard-Bell napsal(a): On 12 Sep 2013, at 18:18, Miroslav Lednicky miroslav.ledni...@fnusa.cz mailto:miroslav.ledni...@fnusa.cz wrote: Hello, I have Freeradius 2.1.10 with 2 LDAP servers (ldap1 + ldap2) and Ubuntu 12.04 authorize { ldap1 if (ok) { update reply { Tunnel-Type = VLAN, Tunnel-Medium-Type = IEEE-802 Tunnel-Private-Group-Id = 1 } } elsif { ldap2 if (ok) { update reply { Tunnel-Type = VLAN Tunnel-Medium-Type = IEEE-802 Tunnel-Private-Group-Id = 2 } } } } Arran Cudbard-Bell a.cudba...@freeradius.org mailto:a.cudba...@freeradius.org FreeRADIUS Development Team - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Mgr. Miroslav Lednický - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Freeradius + 2 x LDAP + VLAN
Hello, I have Freeradius 2.1.10 with 2 LDAP servers (ldap1 + ldap2) and Ubuntu 12.04 I using it for 802.1x users. I need switch users from ldap1 to VLAN 1 and users from ldap2 to VLAN 2. I don't know how can i do it. My configuration: /etc/freeradius/modules/ldap: ldap ldap1 { ... server = 1.1.1.1 basedn = ou=users,dc=test,dc=cz ... } ldap ldap2 { ... server = 2.2.2.2 basedn = ou=users,dc=test1,dc=cz } /etc/freeradius/sites-enabled/inner-tunnel: authorize { chap mschap unix suffix eap { ok=return } files ldap1 ldap2 expiration logintime pap } authenticate { Auth-Type PAP { pap } Auth-Type CHAP { chap } Auth-Type MS-CHAP { mschap } Auth-Type LDAP1 { ldap1 } Auth-Type LDAP2 { ldap2 } eap } It works. But i need send atributes to switch or Access Point: Tunnel-Type=VLAN, Tunnel-Medium-Type=IEEE-802, Tunnel-Private-Group-Id=1 for users from ldap1 and Tunnel-Type=VLAN, Tunnel-Medium-Type=IEEE-802, Tunnel-Private-Group-Id=2 for users from ldap2 I tried configure it in /etc/freeradius/users, but without success. Thank You for help Miroslav - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius + 2 x LDAP + VLAN
On 12 Sep 2013, at 18:18, Miroslav Lednicky miroslav.ledni...@fnusa.cz wrote: Hello, I have Freeradius 2.1.10 with 2 LDAP servers (ldap1 + ldap2) and Ubuntu 12.04 authorize { ldap1 if (ok) { update reply { Tunnel-Type = VLAN, Tunnel-Medium-Type = IEEE-802 Tunnel-Private-Group-Id = 1 } } elsif { ldap2 if (ok) { update reply { Tunnel-Type = VLAN Tunnel-Medium-Type = IEEE-802 Tunnel-Private-Group-Id = 2 } } } } Arran Cudbard-Bell a.cudba...@freeradius.org FreeRADIUS Development Team - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html