Hello David,
to answer to the three questions, the answer is yes.
So the quick process:
Access point Hostapd: 192.168.0.1
SSID Enterprise
So first go in Configuration -> Roles and create roles (Vlan_10 ,
Vlan_20 ...)
Configure in Switches your access point with ip ... and map vlan id to
roles (Vlan_10 -> 10 , Vlan_20 -> 20 ...)
In Sources create a internal source AD (MY_ACTIVE_DIRECTORY) and after
creating the source add a rule with something like:
Name User_to_vlan_10
memberOf is member of Vlan 10
Action: Set role Vlan_10
Set access duration 5 days
Name User_to_Vlan_20
....
Then in Portal Profiles add a profile (MY_PORTAL):
Filter : Enterprise (SSID Type)
Sources : MY_ACTIVE_DIRECTORY.
So when a user will try to connect to the SSID Enterprise, it will hit
MY_PORTAL captive portal and after the user enter his username and
password PacketFence will test on MY_ACTIVE_DIRECTORY and if it match
then try the rules and if the rule match (per example User_to_Vlan_10)
it will set the role Vlan_10 , set access duration to 5 days and map to
vlan id 10.
Regards
Fabrice
Le 2014-07-17 06:58, rewt rewt a écrit :
Dear All,
I am currently using NAP (Windows) for dynamic VLAN assignment over
EAP/802.1x based on active directory groups.
For example:
If user john is in group "Vlan 10" he will be in the VLAN 10.
I would love to move to PacketFence! but i can't find any clear
documentation on how to suceed.
I have several questions:
- Is it possible to do that with PacketFence ?
- Is it possible to do that kind of configuration 100% from the WebUI ?
- Could you describe a quick process on how to suceed
Thank you!
Kind regards,
David R
------------------------------------------------------------------------------
Want fast and easy access to all the code in your enterprise? Index and
search up to 200,000 lines of code with a free copy of Black Duck
Code Sight - the same software that powers the world's largest code
search on Ohloh, the Black Duck Open Hub! Try it now.
http://p.sf.net/sfu/bds
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Fabrice Durand
[email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
Want fast and easy access to all the code in your enterprise? Index and
search up to 200,000 lines of code with a free copy of Black Duck
Code Sight - the same software that powers the world's largest code
search on Ohloh, the Black Duck Open Hub! Try it now.
http://p.sf.net/sfu/bds
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
