Assign your private network users some additional attributes. For example, the following 3 additional attributes will direct the WAP to tunnel your private network users to VLAN# 20.
Tunnel-Private-Group-Id: 20 Tunnel-Medium-Type: 802 Tunnel-Type: VLAN
Users who don't get these attributes will be on the default (internet connected) vlan for the AP. Check dictionary.tunnel for more information.
Or you can set it up in reverse, depending on your needs. If you want unauthenticated wireless users stuck on a private network (not Internet connected), set that VLAN as the default for the AP. In this case, only authenticated users get tunneled on to the internet connected VLAN 20.
Or you can set up the AP to require authentication and tunnel individual users to their specified VLAN.
Dean.
[EMAIL PROTECTED] wrote:
Hi all and thanks for the answers,
I'll explain in a better way. I would like to have: a user A who can access to Internet with username A and password A (and
that's ok, it works); a user B who can access to Private Network (no Internet) with username B and password B. Both connecting to the same AP.
Both users have a pc with a wireless card.
The AP (Colubris) is connected to Private Network through cabled LAN where the Radius works and the Private Network is connected to Internet.
I tried in different ways and I read quiet all docs, but nobody seems to have this problem. Maybe there's no solution with one AP.
Thanks
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
