Wireless Control System, Radius, and controller configuration

Discussion in 'Cisco' started by carcarx@hotmail.com, Aug 13, 2007.

  1. Guest

    We're just starting with the cisco Wireless Control System. We'd like
    to utilize it as follows:

    User logs in to the login.html bundle. The bundle passes off username/
    password to our wireless radius
    server, which returns success/fail and, if success, the SSID the user
    should be assigned to, if fail, the
    "guest" SSID.

    How can we configure the controller's radius client to accept the SSID
    for the user and the user's ID, so that the user can associate with
    the access point geographically appropriate for the user?

    Thank you!
     
    , Aug 13, 2007
    #1
    1. Advertising

  2. ~ We're just starting with the cisco Wireless Control System. We'd like
    ~ to utilize it as follows:
    ~
    ~ User logs in to the login.html bundle. The bundle passes off username/
    ~ password to our wireless radius
    ~ server, which returns success/fail and, if success, the SSID the user
    ~ should be assigned to, if fail, the
    ~ "guest" SSID.
    ~
    ~ How can we configure the controller's radius client to accept the SSID
    ~ for the user and the user's ID, so that the user can associate with
    ~ the access point geographically appropriate for the user?
    ~
    ~ Thank you!

    This isn't behavior that you can control from the infrastructure side -
    it's up to the client device to decide which SSID it will try to associate
    to, and which AP within that SSID to use.

    Aaron
     
    Aaron Leonard, Aug 14, 2007
    #2
    1. Advertising

  3. Guest

    Thanks, Aaron! Looks like cisco document ID 71683 tells me what I
    needed to know!


    On Aug 14, 3:23 pm, Aaron Leonard <> wrote:
    > ~ We're just starting with the cisco Wireless Control System. We'd like
    > ~ to utilize it as follows:
     
    , Aug 15, 2007
    #3
  4. sircco Guest

    Hi there,

    Im sysadmin for 6-7 years with big experience in radius in general,
    also made my own radius + oracle + wifi + wired solution so if you have any
    questions, i have some free time for few days so you can contact me on mail.

    Damir


    On 2007-08-15, <> wrote:
    > Thanks, Aaron! Looks like cisco document ID 71683 tells me what I
    > needed to know!
    >
    >
    > On Aug 14, 3:23 pm, Aaron Leonard <> wrote:
    >> ~ We're just starting with the cisco Wireless Control System. We'd like
    >> ~ to utilize it as follows:

    >
    >
    >
     
    sircco, Aug 16, 2007
    #4
  5. Guest

    Hvala, Damire!

    Do you have any Perl code that stuffs a buffer with both the access-
    accept and VLAN attributes,
    along the lines of:

    my $resp = new RADIUS::packet $d;
    $resp->set_code('Access-Accept');
    $resp->set_attr('Tunnel-Type','VLAN');
    $resp->set_attr('Tunnel-Medium-Type','802');
    $resp->set_attr('Tunnel-Private-Group',"123");

    my $respdat = auth_resp($resp->pack, "mysecret");

    Hvala mnogo!


    On Aug 16, 5:56 pm, sircco <> wrote:
    > Hi there,
    >
    > Im sysadmin for 6-7 years with big experience in radius in general,
    > also made my own radius + oracle + wifi + wired solution so if you have any
    > questions, i have some free time for few days so you can contact me on mail.
     
    , Aug 17, 2007
    #5
  6. sircco Guest

    Is this maybe Radiator radius server we're talking about?
    Whatever it is I suggest you do the following
    Make realm or handler or anything else that will filter your specific
    group of users you're trying to handle and

    do

    AddToReply
    Tunnel-Type = VLAN, \
    Tunnel-Medium-Type = 802,
    Tunnel-Private-group = 123

    If you give me your specific radiator implementation i can give you more
    specific answer.
    Also if you are planning to use database for all of your authentication
    then its similar implementation,but i can explain.

    Damir


    On 2007-08-17, <> wrote:
    > Hvala, Damire!
    >
    > Do you have any Perl code that stuffs a buffer with both the access-
    > accept and VLAN attributes,
    > along the lines of:
    >
    > my $resp = new RADIUS::packet $d;
    > $resp->set_code('Access-Accept');
    > $resp->set_attr('Tunnel-Type','VLAN');
    > $resp->set_attr('Tunnel-Medium-Type','802');
    > $resp->set_attr('Tunnel-Private-Group',"123");
    >
    > my $respdat = auth_resp($resp->pack, "mysecret");
    >
    > Hvala mnogo!
    >
    >
    > On Aug 16, 5:56 pm, sircco <> wrote:
    >> Hi there,
    >>
    >> Im sysadmin for 6-7 years with big experience in radius in general,
    >> also made my own radius + oracle + wifi + wired solution so if you have any
    >> questions, i have some free time for few days so you can contact me on mail.

    >
     
    sircco, Aug 17, 2007
    #6
  7. Guest

    On Aug 17, 9:05 am, sircco <> wrote:
    > Is this maybe Radiator radius server we're talking about?


    No. It'll be FreeRadius on Linux.

    > Also if you are planning to use database for all of your authentication
    > then its similar implementation,but i can explain.


    The "hook" Free Radius gives us is rlm_perl and that's fine.
    I can deal with the db just fine.
     
    , Aug 18, 2007
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. David
    Replies:
    0
    Views:
    2,687
    David
    Nov 6, 2003
  2. altu
    Replies:
    1
    Views:
    995
  3. M P

    AP and Win2K Radius Configuration Guide

    M P, Mar 30, 2006, in forum: Wireless Networking
    Replies:
    1
    Views:
    701
    kapil [MSFT]
    May 18, 2006
  4. Thomas Creutz
    Replies:
    3
    Views:
    8,626
    ohadhawk
    Jan 6, 2010
  5. Abaaseen
    Replies:
    9
    Views:
    1,016
    Kline Sphere
    Jan 19, 2009
Loading...

Share This Page