On Mon, Oct 14, 2013 at 10:40:19AM +0100, Matthew Newton wrote:
> On Fri, Oct 11, 2013 at 05:41:07PM +0100, Fabrizio Vecchi wrote:
> > As you can see, the device wasn't listed in the file, the authentication
> > went fine, saying that the tunnel that I should get has ID 40, but that
> > wasn't overwritten by the authorized_macs check...
> DEFAULT Auth-Type := Reject

I misread (and replied before I'd seen the other thread from your
duplicate message...) - to set the vlan for any users that *don't*
match other entries, then add this at the bottom:

    Tunnel-Type:0 := VLAN
    Tunnel-Medium-Type:0 := IEEE-802
    Tunnel-Private-Group-Id:0 := "999"

To Reject, you can do it in authorize. To set the VLAN, as Alan
said, post-auth is the better place.

Use ":=" to force the values to be set. "=" will not change the
values if already set by the inner tunnel, etc.


Matthew Newton, Ph.D. <m...@le.ac.uk>

Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom

For IT help contact helpdesk extn. 2253, <ith...@le.ac.uk>
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to