I was afraid someone would say that! Haha



-----Original Message-----
From: Donny Jekels [mailto:[EMAIL PROTECTED] 
Sent: April 19, 2007 10:57 AM
To: [EMAIL PROTECTED]; FreeRadius users mailing list
Subject: Re: suggestions for multiple vlans in hundreds of switches


you could extend your ldap schema and add a field for the vlan a user should
belong too.
then all you would need is to query that field and propogate the variable.

On 4/19/07, Matt Ashfield <[EMAIL PROTECTED]> wrote:


We'd like to use FR to assign users on our wired network to one of 30
different vlans on campus, based on an LDAP field. Currently, we are doing
this with huntgroups. Namely, we create a huntgroup for the NAS (in our 
case, a network switch), and then in the users file, we put the following:

DEFAULT Huntgroup-Name == mySWITCH1, Ldap-Group == staff
       Fall-Through = no

DEFAULT Huntgroup-Name == mySWITCH1, Ldap-Group == student
       Fall-Through = no
And so on...for other groups of user like faculty, admin, etc..

This seems to work. The issue is scale. I have would conceivably have to
have a huntgroup definition in the huntgroups file for each NAS. And if I 
wanted 30 vlans, I'd have to have 30 definitions like the ones above in my
users file for EACH one of my NAS's.

I'm sure there's a simpler way of doing things that I'm missing. Any advice 
is appreciated.



List info/subscribe/unsubscribe? See


List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to