My apologies, I was out of the office yesterday. Here is our custom vlan code:
http://pastebin.com/xxEsvvcV the necessary bit is: my ($this, $switch, $ifIndex, $mac, $node_info, $connection_type, $user_name, $ssid) = @_; my $logger = Log::Log4perl->get_logger(); if (defined($node_info->{'category'})) { if (($node_info->{'category'}) eq 'Staff') { return $switch->getVlanByName('customVlan1'); } elsif (($node_info->{'category'}) eq 'Students') { return $switch->getVlanByName('customVlan2'); } elsif (($node_info->{'category'}) eq 'Guest') { return $switch->getVlanByName('customVlan3'); } } $logger->warn("Something is misconfigured. You should not see this message. Return null VLAN."); return -1; } Basically, you can return the vlan on any arbitrary value you choose you just need to find a way to expose it to the getNormalVlan method. I do not know if the IP of the station is in the @_ var, especially since the IP is generally determined by the vlan and not the other way around. Jake Sallee Godfather of Bandwidth Network Engineer University of Mary Hardin-Baylor 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 ________________________________________ From: Sallee, Stephen (Jake) [[email protected]] Sent: Thursday, December 29, 2011 10:21 PM To: [email protected] Subject: Re: [Packetfence-users] DHCP Scope based on user credentials We are doing something similar, we are assigning vlans based on IP and category. The main idea is to write your custom logic in the vlan custom module. You will need to have some way of pulling the user info into the logic, since we are using radius this was not too hard. But the main point is that you will be assigning a VLAN NOT an IP, the IP info will need to be based on the assigned vlan. Francois is actually the one who helped us set it up. The whole Inverse team is top notch, for initial install and config I highly suggest getting their help. I am out of the office until Monday, but I will post a sanitized copy of our setup for you to look over once I am back. Jake Sallee Godfather of Bandwidth Network Engineer University of Mary Hardin-Baylor 900 College St. Belton, Texas 76513 Fone: 254-295-4658[X]<https://officemail.umhb.edu/owa/?ae=Item&a=Open&t=IPM.Note&id=RgAAAAB5NlAep%2bEuQba90yUowxo%2fBwBOLmuBodD%2bTo4rAfX%2bmgEmAAAEhL7YAAA6mBXYgPuvQaUjs6Na88PfAAAXEgPnAAAJ&s=Draft&pspid=_1325218379909_26024572#> Phax: 254-295-4221[X]<https://officemail.umhb.edu/owa/?ae=Item&a=Open&t=IPM.Note&id=RgAAAAB5NlAep%2bEuQba90yUowxo%2fBwBOLmuBodD%2bTo4rAfX%2bmgEmAAAEhL7YAAA6mBXYgPuvQaUjs6Na88PfAAAXEgPnAAAJ&s=Draft&pspid=_1325218379909_26024572#> ==================================================================== From: Francois Gaudreault [[email protected]] Sent: Thursday, December 29, 2011 3:07 PM To: [email protected] Subject: Re: [Packetfence-users] DHCP Scope based on user credentials Using categories, it's kinda possible yes. You need to build an "intelligent" authentication module that is able to categorize a node according either to an AD group/OU, or you do it using multiple modules (ie. You create a staff module, and a student module. If you select the module staff, and you login, you get category A, if you select student, you get category B). After that, you need custom vlan assignment code in vlan/custom.pm to return a different vlan depending of the category. On 11-12-29 12:57 PM, Mark Surkin wrote: Can anyone tell me whether PacketFence is capable of assigning DHCP addresses from a specific scope based on user credentials? ------------------------------------------------------------------------------ Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex infrastructure or vast IT resources to deliver seamless, secure access to virtual desktops. With this all-in-one solution, easily deploy virtual desktops for less than the cost of PCs and save 60% on VDI infrastructure costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox _______________________________________________ Packetfence-users mailing list [email protected]<mailto:[email protected]> https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Francois Gaudreault, ing. jr [email protected]<mailto:[email protected]> :: +1.514.447.4918 (x130) :: www.inverse.ca<http://www.inverse.ca> Inverse inc. :: Leaders behind SOGo (www.sogo.nu<http://www.sogo.nu>) and PacketFence (www.packetfence.org<http://www.packetfence.org>) ------------------------------------------------------------------------------ Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex infrastructure or vast IT resources to deliver seamless, secure access to virtual desktops. With this all-in-one solution, easily deploy virtual desktops for less than the cost of PCs and save 60% on VDI infrastructure costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ Write once. Port to many. Get the SDK and tools to simplify cross-platform app development. Create new or port existing apps to sell to consumers worldwide. Explore the Intel AppUpSM program developer opportunity. appdeveloper.intel.com/join http://p.sf.net/sfu/intel-appdev _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
