I'm trying to configure Dynamic VLAN's on a wireless network using a
Ruckus ZD3000 and FreeRadius 2.1.1-7.12.1 running on a SLES 11 sp1/OES11
box. I currently have 802.11 authentication using EAP configured and
working. The Ruckus Zone Director requires the following attributes to
be able to set the VLAN dynamically:

Tunnel-Type = VLAN
Tunnel-Medium-Type = 802
Tunnel-Private-Group-ID = 'id'

I find that if I put this in the users file on the FreeRadius server:

Tunnel-Type = VLAN,

Tunnel-Medium-Type = 802,

Tunnel-Private-Group-ID = 88,


dynamic vlans work perfectly and I can change the
'Tunnel-Private-Group-ID' number (88) and the client will change vlan's
when the user authenticates to the wireless network. What I want to be
able to do is have the FreeRadius server read this info from the radius
users in edirectory and pass them to the ZD for use.

I'm unclear on where or how to configure the freeradius server to
retrieve radius user attributes from eDirectory though. In Appendix A of
the document "Integrating Novell eDirectory with FreeRadius" the
attribute 'radius Tunnel Private Group Id' looks like what I want but
the document doesn't explained how to configure FreeRadius to retrieve
these attributes.

Any assistance is greatly appreciated.


dlietz's Profile: https://forums.netiq.com/member.php?userid=917
View this thread: https://forums.netiq.com/showthread.php?t=47781