Hi All,
We have the Cisco WISM solution up and running. I have set up a new WLAN
SSID with web based auth. I now want to put the users in different VLANs
depending on who they are using the RADIUS reply. I have ticked the 'Allow
AAA Override' box and i'm sending back the following RADIUS attributes:
Sending Access-Accept of id 50 to 172.17.107.242 port 32769
Airespace-Interface-Name = "np8ss0"
Service-Type = Login-User
Tunnel-Medium-Type = IEEE-802
Tunnel-Type = VLAN
Tunnel-Private-Group-Id = "449"
Airespace-Wlan-Id = 3
These are correctly received by the WISM:
Packet contains 6 AVPs:
AVP[01] Airespace / Interface-Name.....np8ss0 (6 bytes)
AVP[02] Service-Type...............0x00000001 (1) (4 bytes)
AVP[03] Tunnel-Medium-Type.........0x00000006 (6) (4 bytes)
AVP[04] Tunnel-Type................0x0000000d (13) (4 bytes)
AVP[05] Tunnel-Group-Id............449 (3 bytes)
AVP[06] Airespace / WLAN-Identifier....0x00000003 (3) (4 bytes)
but the client still remains in the default VLAN (i.e. is not moved to 449).
Does anybody know: Am i sending the correct attributes back?
What the magic incantation to make it work is?
We are running 4.1.185.0 on the WISMs and FreeRADIUS 1.1.7 for AAA.
Many Thanks,
James
--
James J J Hooper
Network Specialist
Information Services
University of Bristol
http://www.wireless.bris.ac.uk
--
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
