On 08/01/2011 10:32 PM, Smith, Todd wrote: > I have a working Radiator configuration that is working for our enterprise > wireless network but I am looking to expand it to include other types of > network access devices. Looking through the documentation and the goodies > directory, I don't see a good example to refer to. What I would like to do > is something like this: > > Network Access Device X using EAP protocol Y allowing access to usergroup Z > to a certain level of permissions and admingroup A having different > permissions. > > Network Access Device 1 using EAP protocol G allowing access to usergroup W > to a certain level of permissions and admingroup B having different > persmissions. > > My current configuration has many client devices defined but they are all > using the same handlers and realm information and I didn't see a way to use > many different network access devices with different configurations. I am > sure that I am missing something and if there is a section of documentation > that covers this or a file in the goodies directoy then please point me to it > so that I can learn.
To differentiate between devices, NAS-IP-Address and NAS-Identifier request attributes are often used in Handler checklists. Called-Station-Id may also be useful for this. SQL and LDAP are commonly used for storing user and group information. You could e.g, do a SQL select to fetch user permissions based on the NAS-Identifier. You may want to check ref.pdf section "5.30.10 AuthColumnDef" for SQL and section "5.37.16 AuthAttrDef" for LDAP to see how user permissions or attributes can be fetched and returned back to the network access device. Thanks! Heikki -- Heikki Vatiainen <h...@open.com.au> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator