[RADIATOR] vlan change for EAP clients with external radiusserver
Roel Hoek
r.h.hoek at utwente.nl
Mon Mar 25 04:09:04 CDT 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 2013-03-22 20:02, A.L.M.Buxey at lboro.ac.uk wrote:
> Hi,
>
>> Question:
>> How to set the vlan-attribute for external authenticated users?
>
> AddToReply
>
>> I only can stripoff and add reply-items for all external users but not for a specific user depending on his MAC-address......
>
> Ar Hook, specifically a PostAuthHook. fire off a PERL script in the PostAuth that sets eg VLAN depending on the
> Calling-Station-Id of the client. the authentication is happening remotely...but the person
Thanks, I will have a look at this. It is important for us that this script uses the same users-file as is used by the local authenticated users. I will have al look at the goodies directory.
> is local so this value wont be accidentally missing. but what purpose is this for? is this
> something that eg the eduroam 'CUI' requirement is for?
We make use of quarantainenet (quarantainenet.com). When a abnormality is detected, a host is isolated based on its MAC-address.
>
> hooks.txt in the goodies directory for initial path to follow.....
>
> alan
>
- --
Kind Regards,
Roel Hoek
ICT Service Centre
University of Twente, P.O.Box 217, 7500 AE Enschede, The Netherlands
Telephone +31 53 489 4598, Fax +31 53 489 2383
R.H.Hoek at utwente.nl; http://www.utwente.nl/icts
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEUEARECAAYFAlFQFCoACgkQJwlRSGnYBcZ3gACbBRUA0Zj5uVM7k+W3iCQ17CMp
9mMAlieV1pH7iJ/bEeQ38hmCs6wykro=
=OO3F
-----END PGP SIGNATURE-----
More information about the radiator
mailing list