[Chilli] Dynamic VLAN and 8021x

Fernando Pizarro feanpg at gmail.com
Thu Nov 14 15:40:11 UTC 2013 

Hi Russel,

I have configured hostapd with dynamic VLAN (8021x) and Coovachilli give 
me IP address of this VLAN using Tunnel-Type, Tunnel-Medium-Type and 
Tunnel-Private-Group-Id attributes. But in captive portal I can't 
autheticated with the same user and password, sure I misconfigured 
something.

By default, Freeradius 2.1.10 doesn't contains all attributes of 
ChilliSpot (ChilliSpot-VLAN-Id for example) so I copy update dictionary 
[1] in /usr/share/freeradius/dictionay.chillispot. If the 
ChilliSpot-VLAN-Id attribute exist, Radius reply that but I want my 
clients reconfiguring their DHCP address with this VLAN. I don't know if 
possible to do.

Now I'm trying to use Coovachilli to proxy request of hostapd and use 
ChilliSpot VSA attributes, but still I can't do work it.

Thanks for reply.
Regards. Fernando.

[1] - 
<https://dev.coova.org/svn/cjradius/tags/jradius-1.1.4/freeradius/dict/dictionary.chillispot>http://dev.coova.org/svn/coova-chilli/doc/dictionary.chillispot

El 14/11/13 15:52, Russell Mike escribió:
> Hi Femando
>
> i am also looking for same setup. i will share if i got something 
> working. But i have asked list members for their ideas but did not 
> receive any response. i am just asking for their idea not 
> configuration model. I do not mind if the idea did not work. i am 
> ready to give attempt. Also, can anyone please tell me what is the use 
> for ChilliSpot-Vlan-ID ? in which case it can be used ?
>
>
> <><><><><><><><><> My Setup <><><><><><><><><>
>
> We wish to use web content filtering for sales department. Asking 
> advice if this do able like such.
>
> 1.) i have chili running in multi tenancy mode using VLANs. 
>  VLAN10, VLAN20, VLAN30, VLAN40, VLAN50 - Working !!
>
> 2.) VLAN30 CoovaChilli Instance is using parent proxy as Dansgurdian 
> For Filtering - Working!!
>
> 3.) I am thinking to create a radius group "Content-Filtered-Users" 
>  which has following attribute.
>
> Reply-Item: ChilliSpot-Vlan-ID := 30"
> Check-Item: As_Need
>
> 4.) Sales users are part of "Content-Filtered-Users" group
>
> 5.) When a user tries to authenticate which is part of 
> "Content-Filtered-Users" group. Chilli should put || provide access to 
> those use through VLAN30 so that their traffic is filtered.
>
> Have anyone done such or similar for content filtering? i would very 
> grateful for sharing idea one has done so.
> <><><><><><><><><>
>
> Regards / RM--
>
> On Thu, Nov 14, 2013 at 8:41 AM, Fernando Pizarro <feanpg at gmail.com 
> <mailto:feanpg at gmail.com>> wrote:
>
>     Hi all!
>
>     I'm trying to create captive portal with dynamic VLAN and 8021x. I
>     found this post of 2010 [1].
>
>     - It's possible to do this configuration?
>     - Coova is able to send DHCP Nack request?
>
>     Thanks for all.
>     Regards. Fernando.
>
>     [1] - http://lists.coova.org/pipermail/chilli/2010-April/001231.html
>     _______________________________________________
>     Chilli mailing list
>     Chilli at coova.org <mailto:Chilli at coova.org>
>     http://lists.coova.org/cgi-bin/mailman/listinfo/chilli
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.coova.org/pipermail/chilli/attachments/20131114/69af743a/attachment-0001.html>

More information about the Chilli mailing list