Jail Users to their Vlans
-
Hello,
We have 9 captive portals with 9 vlans, we like that freeradius users are able to connect across all the vlans,
but we want to prevent some users from authenticating outside of their vlans ?How can we acheive this ?
Thanks !
-
Set the NAS IP in each CP zone so you can identify them that way, then configure your FreeRADIUS accordingly.
-
Hello, thanks for your response,
Well, I did that, I've set the NAS IP in cp zone, then went to a user in radius and added the Vlan ID, but this has no effect !
Any ideas why ?
-
Didn't anyone try this before ?
-
NAS IP and VLAN ID in the user config aren't the same thing. You'll need to configure freeradius accordingly to use the NAS IP you're sending it. I'm not sure offhand how to accomplish that in freeradius but that's where you'll need to look.