Peter Eriksson wrote: > I'm trying to set up a rather complicated RADIUS structure that I hope > will be able to support a number of different needs.
2.1 should be *much* easier than 1.1.x. See the virtual server configuration. It means that one server can do all of this, while still keeping each configuration separate. > It seems I should be able to distinguish at the RADIUS server side > between #1 and #2 via the "Called-Station-Id" attribute since the > D-Link AP's we are using sets that to something like: Yes. > Users connecting to the 802.1x enabled physical ethernet ports should First, write down how those requests are different from (1) and (2). Then, use that information to create policies. > Modem pool users should accept request from three different realms Again, first decide how these requests are different from the previous ones. Then, create policies. > VPN pool users should do something similar to #4 but using the > Nortel-specific attributes. And how are these requests distinguished from others? > Anyway - what I'm curious about is if there are others 'out there' that > have done similar stuff before? Yes. Lots. > Any cookbooks for setting up a FreeRadius 2 server in an EDUROAM > environment? I don't have links handy, but yes... > FreeRadius 2.1.0 directly to the Access Point (with a response received > via Proxying to the same 1.1.7 server): ... > Sending Access-Accept of id 6 to 192.168.160.158 port 1036 > Vendor-Specific = > 0x0000013711348565439b6986f71bfa7425319eac8dd791f24936bc66a8cdd928a91c9c4343958ef040212 > 4dd4f552726302e356b878e6474 > Vendor-Specific = > 0x0000013710348b855687f3a4ef1194289232229fe0be952c98689fb606c1e9d6ceae6a388baee98eeb292 > be2d41ae58efa7f67737dec758c > EAP-Message = 0x03060004 > Message-Authenticator = 0x00000000000000000000000000000000 > User-Name = "testson" > Finished request 6. > > (I assume that 'Vendor-Specific' stuff is the MS-MPPE-Recv-Key stuff > that the 1.1.7 talks about). Yes. But it's *not* being printed as MS-MPPE-Recv-Key, which means you've broken the dictionaries somehow. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
