Ruckus, Radius, Dynamic Vlan Assignment

Page content

How to Dynamic Assign Vlans with Ruckus Unleashed and FreeRadius

Setup FreeRadius

pkg_add freeradius--%freeradius3

clients.conf

add your wlan ap

client ruckus {
	ipaddr		= 1.2.3.4/32
	secret		= das-sag-ich-dir-nicht
}

users.conf

add some users


# Admin to Admin Vlan (100)
admin Cleartext-Password := "das-sag-ich-dir-nicht"
  Tunnel-Type = 13,
  Tunnel-Medium-Type = 6,
  Tunnel-Private-Group-Id = "100"

# Guests to Guest Vlan (200)
guest Cleartext-Password := "das-sag-ich-nur-dem-gast"
  Tunnel-Type = 13,
  Tunnel-Medium-Type = 6,
  Tunnel-Private-Group-Id = "200"

/etc/raddb/sites-available/inner-tunnel

enable Vlan rewrite on line 336 (set to 1)

  #
  #  Instead of "use_tunneled_reply", change this "if (0)" to an
  #  "if (1)".
  #
  if (1) {

Service

rcctl enable freeradius
rcctl restart freeradius

configure Ruckus AP

  • create AAA Server
  • create Policy
  • create SSID, enable Dynamic Vlan
  • give a try
  • use Debug Client Menu with MAC Address of Wlan Client

sha256: 11fd6cdd7211e1dc240d47422a7cf78e6a03598e015545abf8397343f671a6c8