Posts

Freeradius, Unifi and Vlans

Image
Freeradius and Unifi Introduction      When I joined my employer in 2012 i discovered they did something interesting called MAB which allowed the same switch port to put different vlans based on mac address. At the time I thought this was pretty interesting at it would allow me to have a guest vlan on my wireless access points. Having an old Cisco switch I setup something called VMPS using freeradius and a built in module called mac2vlan and I managed to set this up with pretty much no knowledge of radius. I stopped doing this as it really didn't work very well when a clients roamed between access points. Roaming between access points was still a problem so in time bit the bullet and bought expensive pro-consumer unifi access points. These could broadcast multiple sids and use different vlans. Roll on to the near past and IOT has arrived along with horrific security of devices. Spinning up lots of SIDs for each type of device is not possible (a limit of 4 per AP) and is j...
Post a Comment
Read more

First Post

     Well after being told yet again by a co-worker that I should capture the information of my non profit making side projects. I finally opened this blog only 12 years after I created an account on Blogger. This is something I never got around, as I always felt as a Sysadmin I should be running my own blog server. I considered Drupal over 10 years ago when I setup a server for a company I worked for. I however never got around to it because I never wanted to do all the sysadmining required to keep a blog that almost no one would ever look at, keep up to patched and secure.     So here we are another ten years later with more with even more text file dotted around various machines, not lost to time just almost impossible to find with my heap based organisation. Lets see how much I record here, or if this is another blog destined to forgotten about.
Post a Comment
Read more