Hi, We are currently doing this in two steps:
1º we change the VLAN based on a LDAP attribute (this could be done based on groups as well, I think) with an extra "Auth By"; 2º since we have several domains and we don't usually fill the VLAN into the LDAP, we split each domain to its own VLAN with a PostAuthHook we have modified for this purpose (this only as effect if the VLAN was not set in the previous step); If you want I can provide the configuration guidelines and the hook. Regards, ___________________________________________________________________________ Jhonny Freire de Oliveira Núcleo de Sistemas, Infra-estruturas e Segurança // Área de Sistemas e Comunicações // Serviços Tecnológicos SERVIÇOS PARTILHADOS DA UNIVERSIDADE DE LISBOA SHARED SERVICES OF THE UNIVERSITY OF LISBON Email: [email protected] // Tel: +351 210 443 441 // Tel: +351 967 610 703 // Ext: 30251 Alameda da Universidade, Cidade Universitária 1649-004 Lisboa www.sp.ul.pt -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Patrick Renkens Sent: sexta-feira, 12 de Novembro de 2010 16:32 To: [email protected] Subject: [RADIATOR] Dynamically assign VLAN to wireless clients Hi All, We would like to dynamically assign VLAN's to wireless clients. All of the authentication process (inner and outer tunnel etc.) runs OK, but the last step should be assigning a dynamic VLAN ID (Tunnel-Private-Group-ID) to the client in a short range of ID's. Can this be done, and if so, how? I already wrote a small PostAuthHook that can generate a random VLAN-ID within this short range of ID's. It replaces the default Tunnel-Private-Group-ID in the reply-packet with the generated ID, but it doesn't do the trick. It does replace the Tunnel-Private-Group-ID but is has no affect on the process (so it seems). The reason for this feature is that the current VLAN is too small and we prefer to have several VLAN's for the wireless clients instead of a much larger single VLAN. Any other ideas or workarounds are also appreciated. Kind regards, Patrick Renkens Centre for Information Services (UCI) Radboud University Nijmegen, Netherlands _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
