Permabanned
- Joined
- 9 Jun 2009
- Posts
- 11,924
- Location
- London, McLaren or Radical
Hi,
A Little stumped with something at the moment.
I am trying to use the Ruckus controller, linked to a freeradius server, to dish out dynamic vlans for specific user groups to give them a PAN.
I have gotten so far as to be able to add the MAC address of the devices manually to the radius server and it's also linked via API to another system that can dish out that information, as long as the device(s) are already in the system.
The problem I have, is that I can't seem to figure out how to let new / guest devices still connect to a guest vlan so that the system can grab their MAC and then stick them in the appropriate PAN.
With standard MAC authentication on the Ruckus controller, as the new device doesn't exist, it won't even allow it to connect.
With hotspot ssid on the Ruckus, the devices are put on the mgmt vlan to authenticate with a portal, however because they are on the mgmt vlan and not the guest vlan - it won't allow them to progress. I don't see any option to change the VLAN that the devices are connected to with this option.
My ideal would be to use the standard MAC auth with something like a wildcard, then I'd specify in the Radius server that these wildcard MACs are added straight to the guest VLAN with no splash page.
Any help would be greatly appreciated.
Thanks
A Little stumped with something at the moment.
I am trying to use the Ruckus controller, linked to a freeradius server, to dish out dynamic vlans for specific user groups to give them a PAN.
I have gotten so far as to be able to add the MAC address of the devices manually to the radius server and it's also linked via API to another system that can dish out that information, as long as the device(s) are already in the system.
The problem I have, is that I can't seem to figure out how to let new / guest devices still connect to a guest vlan so that the system can grab their MAC and then stick them in the appropriate PAN.
With standard MAC authentication on the Ruckus controller, as the new device doesn't exist, it won't even allow it to connect.
With hotspot ssid on the Ruckus, the devices are put on the mgmt vlan to authenticate with a portal, however because they are on the mgmt vlan and not the guest vlan - it won't allow them to progress. I don't see any option to change the VLAN that the devices are connected to with this option.
My ideal would be to use the standard MAC auth with something like a wildcard, then I'd specify in the Radius server that these wildcard MACs are added straight to the guest VLAN with no splash page.
Any help would be greatly appreciated.
Thanks