Ramon Escriba wrote:
Hi Alan,
Then does it possible to do a general match rule in huntgroups to lets say
the 35 first ports belong to a vlan A and the rest 36 to 48 to vlan B,or
not?
What did my message say?
business NAS-IP-Address == 192.168.2.5, NAS-Port-Id == 1-35
IT
Hi
I'm trying to organize my net using 802.1x able switches with freeradius
2.1.1+Openldap2-2.4+OpenSuse11.1
The system is running, at least @ test level but not yet deployed, but I
reach a cross road and finally I've to choose.
Or having one ldap subtree per vlan, filled with all host that
Ramon Escriba wrote:
Is that aproach, try the next vlan if exists @ ldap, possible, how?
You've tried a lot of different things and are lost in the complexity
of the solution.
The problem isn't that hard. Find a key which determines which VLAN
to use. This key can be switch IP, location,
=cells...@lists.freeradius.org] On
Behalf Of Alan DeKok
Sent: jueves, 30 de septiembre de 2010 9:34
To: FreeRadius users mailing list
Subject: Re: Radius+Ldap:Allow the same host in multiple vlans
Ramon Escriba wrote:
Is that aproach, try the next vlan if exists @ ldap, possible, how?
You've tried
Ramon Escriba wrote:
By the way, in some of the cases the switch-ip, even switch+port, is the
key, so huntgroups does the job but only partially.
This works (original huntgroups example):
#business NAS-IP-Address == 192.168.2.5, NAS-Port-Id == 1
But not this:
#business
: Radius+Ldap:Allow the same host in multiple vlans
Ramon Escriba wrote:
By the way, in some of the cases the switch-ip, even switch+port, is
the key, so huntgroups does the job but only partially.
This works (original huntgroups example):
#business NAS-IP-Address == 192.168.2.5, NAS
On 2010/09/30 05:05 PM, Ramon Escriba wrote:
Hi Alan,
Then does it possible to do a general match rule in huntgroups to lets say
the 35 first ports belong to a vlan A and the rest 36 to 48 to vlan B,or
not?
It sounds like you need some custom logic.
Have you looked at rlm_perl?
--
Johan
7 matches
Mail list logo