Re: LDAP authentication filter based on source SSID

2013-07-22 Thread Gustavo Vieira Oliveira
Yes it does. We found the solution by creating a rule that maps all the BSSID related to some SSID and then we do a specific filter to LDAP, so we did it for every SSID. Thanks for the help! Atenciosamente, Gustavo Vieira Oliveira GETIC - Gerência de Tecnologia da Informação SUSERV -

LDAP authentication filter based on source SSID

2013-07-12 Thread Gustavo Vieira Oliveira
Hello! I need some help with RADIUS regarding Wireless authentication with RADIUS + LDAP. I need to check if the user has permission to connect to a specific SSID, so we check a LDAP attribute for that. By that, we need to know from which SSID the authentication is being requested so we

Re: LDAP authentication filter based on source SSID

2013-07-12 Thread Olivier Beytrison
On 12.07.2013 17:03, Gustavo Vieira Oliveira wrote: I need some help with RADIUS regarding Wireless authentication with RADIUS + LDAP. Hello. which version of freeradius are you running ? I need to check if the user has permission to connect to a specific SSID, so we check a LDAP attribute

Re: LDAP authentication filter based on source SSID

2013-07-12 Thread Gustavo Vieira Oliveira
I forgot to say that we use H-REAP so we do not authenticate it in the WLC Atenciosamente, Gustavo Vieira Oliveira GETIC - Gerência de Tecnologia da Informação SUSERV - Superintendência de Serviços Compartilhados Sistema FIESC Rod. Admar Gonzaga, 2765 - Itacorubi - 88034-001 - Florianópolis -

Re: LDAP authentication filter based on source SSID

2013-07-12 Thread Gustavo Vieira Oliveira
Olivier, You don't need to set radius-server vsa send in the AP so it sends the SSID in the authentication request? Atenciosamente, Gustavo Vieira Oliveira GETIC - Gerência de Tecnologia da Informação SUSERV - Superintendência de Serviços Compartilhados Sistema FIESC Rod. Admar Gonzaga,

Re: LDAP authentication filter based on source SSID

2013-07-12 Thread Alan Buxey
Look at the requests coming from your AP in debug mode. You should see information there that can be used eg called station id with SSID appended or a VSA with the SSID name or number in it. Use that with your policy alan - List info/subscribe/unsubscribe? See

Re: LDAP authentication filter based on source SSID

2013-07-12 Thread Gustavo Vieira Oliveira
We got it working, the AP is sending the SSID with the calling station ID but only setting radius-server vsa send in the Access-point. The problem is that we have to do it manually (the Controller doesn't support it) in the AP, so when it reboots for some reason it cannot authenticate cause

Re: LDAP authentication filter based on source SSID

2013-07-12 Thread Matthew Newton
On Fri, Jul 12, 2013 at 12:48:48PM -0300, Gustavo Vieira Oliveira wrote: The problem is that we have to do it manually (the Controller doesn't support it) in the AP, so when it reboots for some reason it cannot authenticate cause the RADIUS doesn't receive the SSID. So, we need an alternative