2 captive portal - 1 freeradius - How to configure?
we are using in our school a captive portal on a pfsense 2.1.5 for the access to wifi.
Now we want to separate pupil and teachers. So we have 2 SSIDs with two differnet VLANs and 2 CP but just one radiusserver.
I have got three problems?
- How can I spezifise the request of pfsense to freeradius? Is this the NAS Identifier?
- Can I use 2 differnet user-files - one for pupil, one for teacher - or do I have to spezifise in the common user-file which user is an teacher?
- How can the tell freeradius which user-file or definition is for which request?
Thanks for your help.
Yes. Setting the NAS-Identifier differently for each CP instance should enable to to steer RADIUS in the right direction.
You can use it in the users file as a check item. It will have to match along with the username and password or the RADIUS server will send an Access-Reject.
bob Cleartext-Password := "hello", NAS-Identifier == Teacher-NAS Reply-Item += "Reply Blah Blah"
Or something like that…