Powered by
Jitbit Forum
free trial version.
home
recent topics
recent posts
search
faq
TekRADIUS
Forum
remember me
register
|
lost password
Home
»
General
»
Groups and banning groups from an AP/SSID
General issues
show rated messages only
|
27.01.2010 02:46:16
DrSpanky
Posts:
2
Howdy
I've set up Tekradius for mac based authentication and im looking for a way to block certain groups form certain SSIDs
for example
i have 2 group, one "staff" one "students"
and 2 laptops laptop1 is a staff laptop and laptop2 is a student laptop (both laptop names are the mac addresses that part works) and each laptop is in the correct group
i have that access point setup to broadcast 2 SSID's both on different VLANs
xx-xx-xx-xx-xx-xx:Staff
xx-xx-xx-xx-xx-xx:Student
is there a way to ban the student group from xx-xx-xx-xx-xx-xx:Staff
any help would be much appreciated
0
•
permalink
27.01.2010 11:54:30
Admin
Administrator
Posts:
1684
Hi,
As far as I understandt your AP device sends SSID information as a part of Calling-Station-Id value in access requests.
Unfortunately TekRADIUS can not process a part of incoming RADIUS attribute. If your AP can send SSID information in a attribute as
an individual value, you can create a group and add TekRADIUS-Status attribute as check attribute with value "Disabled" along with the attribute which denotes
individually SSID.
Best regards,
Yasin KAPLAN
0
•
permalink
27.01.2010 20:18:20
DrSpanky
Posts:
2
admin
wrote:
Hi,
As far as I understandt your AP device sends SSID information as a part of Calling-Station-Id value in access requests.
Unfortunately TekRADIUS can not process a part of incoming RADIUS attribute. If your AP can send SSID information in a attribute as
an individual value, you can create a group and add TekRADIUS-Status attribute as check attribute with value "Disabled" along with the attribute which denotes
individually SSID.
Best regards,
Yasin KAPLAN
The calling station id comes up as the laptops mac address only like this xx-xx-xx-xx-xx-xx
the called station Id comes up as APs Mac then the ssid like this xx-xx-xx-xx-xx-xx:Staff
so it wouldnt need to process part of that attribute, could it deal with the field as a whole?
like if user name is in staff group and called station id is equal to xx-xx-xx-xx-xx-xx:Staff allow access else deny access
0
•
permalink
show rated messages only
|
Home
»
General
»
Groups and banning groups from an AP/SSID
Powered by
Jitbit Forum
7.2.3.0
© 2006-2011 Jitbit Software