Dr.Peer-Joachim Koch wrote: > Hi, > > we're using freeradius to switch different computer into various > vlans on our switches. We have had a working configuration for > freeradius 1.x, but for 2.1.6 (running on SLES) this configuration is > working different. > We're including a file looking like this: > ------------------- > # VLAN 14 > # > # > DEFAULT > Tunnel-Private-Group-ID = 14, > Foundry-802_1x-enable = 0, > Fall-Through = 1 > # > aaabbbcccddd User-Password == "aaabbbcccddd"
Change this to: Cleartext-Password := "...." If you run the server in debugging mode, it will print a message saying you need to do this. > # VLAN 15 > # > # > DEFAULT > Tunnel-Private-Group-ID = 15, > Foundry-802_1x-enable = 0, > Fall-Through = 1 > # > bbbcccdddaaa User-Password == "bbbcccdddaaa" Fix this, too. > On the new freeradius *all* valid mac addresses are > getting the vlan Tunnel-Private-Group-ID from the > first statement. All other vlan id's are ignored. That's pretty much what the "users" file says to do. See "man users". What you want is to use the ":=" operator in the section section. Maybe. > The advantage was, to group all mac according to the vlan-id. But you're not doing that. What I *think* you want is "mac list A in vlan A", and "mac list B in vlan B". > Is there a way to group the mac addresses with one header ? See "man rlm_passwd" for a way to create groups of arbitrary objects. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
