Is it possible to do Vlan assignment based on what nas the login request is coming from?

classic Classic list List threaded Threaded
5 messages Options
| Threaded
Open this post in threaded view
|

Is it possible to do Vlan assignment based on what nas the login request is coming from?

Users mailing list
Hi
Im testing vlan assignment on wifi. Freeradius 3 with sql. Looks like it is working ok.

But I want a user to be asigned to different vlan based on what nas the login request is coming from. Is this possible?

Like if user test log in on nas1 it gets vlan 100 and if the same user log in on nas2 it gets vlan 200

Any ideas?

Best Regards,
Håvard Rabbe

Sendt fra min iPhone

Sendt fra min iPhone

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: Is it possible to do Vlan assignment based on what nas the login request is coming from?

raduser
Hi,

What about writing your own module?

Regards.
________________________________
От: Freeradius-Users <freeradius-users-bounces+format_hub=[hidden email]> от имени Håvard Rabbe via Freeradius-Users <[hidden email]>
Отправлено: 30 ноября 2019 г. 4:47:28
Кому: [hidden email] <[hidden email]>
Копия: Håvard Rabbe <[hidden email]>
Тема: Is it possible to do Vlan assignment based on what nas the login request is coming from?

Hi
Im testing vlan assignment on wifi. Freeradius 3 with sql. Looks like it is working ok.

But I want a user to be asigned to different vlan based on what nas the login request is coming from. Is this possible?

Like if user test log in on nas1 it gets vlan 100 and if the same user log in on nas2 it gets vlan 200

Any ideas?

Best Regards,
Håvard Rabbe

Sendt fra min iPhone

Sendt fra min iPhone

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: Is it possible to do Vlan assignment based on what nas the login request is coming from?

Alan DeKok-2
In reply to this post by Users mailing list
On Nov 29, 2019, at 9:47 PM, Håvard Rabbe via Freeradius-Users <[hidden email]> wrote:
>
> Hi
> Im testing vlan assignment on wifi. Freeradius 3 with sql. Looks like it is working ok.
>
> But I want a user to be asigned to different vlan based on what nas the login request is coming from. Is this possible?
>
> Like if user test log in on nas1 it gets vlan 100 and if the same user log in on nas2 it gets vlan 200


        if (Packet-Src-IP-Address == ip.of.nas.1) {
                update reply {
                        Tunnel-Type := IP
                        Tunnel-Medium-Type := IEEE-802
                        Tunnel-Private-Group-Id := "vlan100"
                }
        }

  You'll have to double-check what your NAS needs to do VLAN assignment, but that's pretty close.

  Alan DeKok.


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: Is it possible to do Vlan assignment based on what nas the login request is coming from?

Users mailing list
Thank you so much.  I want to test that,
But where in the config do I have to run the if test?

Håvard Rabbe

Sendt fra min iPhone

> 30. nov. 2019 kl. 14:51 skrev Alan DeKok <[hidden email]>:
>
> On Nov 29, 2019, at 9:47 PM, Håvard Rabbe via Freeradius-Users <[hidden email]> wrote:
>>
>> Hi
>> Im testing vlan assignment on wifi. Freeradius 3 with sql. Looks like it is working ok.
>>
>> But I want a user to be asigned to different vlan based on what nas the login request is coming from. Is this possible?
>>
>> Like if user test log in on nas1 it gets vlan 100 and if the same user log in on nas2 it gets vlan 200
>
>
>    if (Packet-Src-IP-Address == ip.of.nas.1) {
>        update reply {
>            Tunnel-Type := IP
>            Tunnel-Medium-Type := IEEE-802
>            Tunnel-Private-Group-Id := "vlan100"
>        }
>    }
>
>  You'll have to double-check what your NAS needs to do VLAN assignment, but that's pretty close.
>
>  Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: Is it possible to do Vlan assignment based on what nas the login request is coming from?

Alan DeKok-2


> On Nov 30, 2019, at 9:14 AM, Håvard Rabbe via Freeradius-Users <[hidden email]> wrote:
>
> Thank you so much.  I want to test that,
> But where in the config do I have to run the if test?

  Where do the "if" statements go?

  You need to put this in a virtual server.  Likely in the "post-auth" section.

  Alan DeKok.


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html